Stephen, A site does not need to use gateway=true. You use gateway=true if you're merely interested in knowing if a SSO on session exists. If you want to start a session if one does not exist, you would leave off the gateway=true.
CAS currently does not maintain state of what applications have used CAS to log in (they are all responsible for their own sessions). Each application's session is independent of all other application's sessions. Thus, no one needs to check in with CAS. -Scott On 2/28/07, Stephen Lynn <[EMAIL PROTECTED]> wrote:
I'm fairly new to CAS so this may be a dumb question but it's a question I'm having anyway. We are working on setting things up to enable SSO for our University's websites. I'm curious what the recommended approach to this is. As I understand it, a site that wants to use SSO needs to redirect the browser to CAS passing it the gateway=true parameter so CAS can determine if the browser has a current session and then return a session ticket to the requesting site if the person is logged in. Using this model, it appears that a site will need to redirect every page request to CAS so the site will be aware of any logins/logouts on other sites using CAS and act appropriately. That seems like a lot of overhead and could be very problematic for things like form submissions. Is this the recommended approach for SSO and keeping individual site sessions in sync with the browser's CAS session? Am I missing something? Stephen Lynn _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
