Hi Scott, does it mean that if the user closes his browser then the cookie is lost? so if he opens a new browser window (new session) he will have to supply authentication to CAS again... is there a way to set long lived cookies using CAS so the cookie does not die when the browser closes? Thanks for your help again Scott, Sandeep
-----Original Message----- From: Scott Battaglia [mailto:[EMAIL PROTECTED] Sent: 18 April 2007 12:56 To: Yale CAS mailing list Subject: Re: multiple domains Sandeep, CAS will place a cookie (called a Ticket Granting Cookie) in the browser's session. When the user is redirected to CAS, it reads the ticket. If the ticket is valid, it generates a service ticket for that service (a Ticket Granting Ticket is tied to a user). Otherwise it will ask the user to authenticate. -Scott On 4/18/07, Sandeep Shetty < [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > wrote: Hi Scott, thanks for your explanation, couple more questions... what happens next time when the same browser asks for the same service but this time from a different domain. does the user have to authenticate again? if not how does CAS know that it is the same user? Thanks a lot! Sandeep -----Original Message----- From: Scott Battaglia [mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] Sent: 17 April 2007 19:47 To: Yale CAS mailing list Subject: Re: multiple domains CAS can authenticate services from any domain. Services redirect to the CAS server, a ticket is generated and then the browser is redirected back the service with the ticket: http://www.ja-sig.org/products/cas/overview/cas2_architecture/index.html <http://www.ja-sig.org/products/cas/overview/cas2_architecture/index.html> -Scott On 4/17/07, Sandeep Shetty < <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED]> wrote: Hi, the overview and examples given in the overview suggests that it works for sub domains eg: mail.yale.edu <http://mail.yale.edu> , secure.yale.edu <http://secure.yale.edu> etc... i was wondering (and could not understand is) how does CAS overcome the multiple domain issue, as in how does it persist user session information across multiple domains. One way do to it is cookies and redirection as suggested below < http://www.15seconds.com/issue/971108.htm <http://www.15seconds.com/issue/971108.htm> > http://www.15seconds.com/issue/971108.htm <http://www.15seconds.com/issue/971108.htm> does it use a similar concept? Regards, Sandeep -----Original Message----- From: Scott Battaglia [mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] Sent: 17 April 2007 16:28 To: Yale CAS mailing list Subject: Re: multiple domains I don't believe there is any specific document on it. Its not a special case or anything. Its what CAS does. The overview on our web site may be of some assistance: http://www.ja-sig.org/products/cas/overview/index.html <http://www.ja-sig.org/products/cas/overview/index.html> -Scott On 4/17/07, Sandeep Shetty < <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED]> wrote: apologies, i think my email was incomplete, i meant if there was a doc/article of CAS being used across multiple domains that i could refer to. I tried to google for it but could not find. Thanks again, Sandeep -----Original Message----- From: Sandeep Shetty [mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] Sent: 17 April 2007 16:10 To: 'Yale CAS mailing list' Subject: RE: multiple domains Hi scott, thanks for your reply, is there an article/doc abt it I can read? Thanks a lot Sandeep -----Original Message----- From: Scott Battaglia [mailto: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ] Sent: 17 April 2007 13:32 To: Yale CAS mailing list Subject: Re: multiple domains Yes, CAS can work in an environment where there are multiple domains as each request for authentication is redirected to the CAS server (vs. trying to read a cookie). -Scott On 4/17/07, Sandeep Shetty < <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED]> wrote: Hi Guys, is it possible to use CAS in an environment where we have multiple domains eg: www.abc.com <http://www.abc.com> , www.xyz.com <http://www.xyz.com> and www.pqr.com <http://www.pqr.com> and want a single logon for all those portals, i.e if i log on to www.abc.com <http://www.abc.com> and then if i go to www.xyz.com <http://www.xyz.com> i am already logged in. Thank you for your help! Regards, Sandeep This email is confidential and may also be privileged. If you are not the intended recipient please notify us immediately by telephoning +44 (0)20 7452 5300 or email [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> . You should not copy it or use it for any purpose nor disclose its contents to any other person. Touch Local cannot accept liability for statements made which are clearly the sender's own and are not made on behalf of the firm. Touch Local Limited Registered Number: 2885607 VAT Number: GB896112114 Cardinal Tower, 12 Farringdon Road, London EC1M 3NN +44 (0)20 7452 5300 _______________________________________________ Yale CAS mailing list [email protected] <mailto:[email protected]> http://tp.its.yale.edu/mailman/listinfo/cas <http://tp.its.yale.edu/mailman/listinfo/cas> -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia <http://www.linkedin.com/in/scottbattaglia> This email is confidential and may also be privileged. If you are not the intended recipient please notify us immediately by telephoning +44 (0)20 7452 5300 or email [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> . You should not copy it or use it for any purpose nor disclose its contents to any other person. Touch Local cannot accept liability for statements made which are clearly the sender's own and are not made on behalf of the firm. Touch Local Limited Registered Number: 2885607 VAT Number: GB896112114 Cardinal Tower, 12 Farringdon Road, London EC1M 3NN +44 (0)20 7452 5300 _______________________________________________ Yale CAS mailing list [email protected] <mailto:[email protected]> http://tp.its.yale.edu/mailman/listinfo/cas <http://tp.its.yale.edu/mailman/listinfo/cas> -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia <http://www.linkedin.com/in/scottbattaglia> This email is confidential and may also be privileged. If you are not the intended recipient please notify us immediately by telephoning +44 (0)20 7452 5300 or email [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> . You should not copy it or use it for any purpose nor disclose its contents to any other person. Touch Local cannot accept liability for statements made which are clearly the sender's own and are not made on behalf of the firm. Touch Local Limited Registered Number: 2885607 VAT Number: GB896112114 Cardinal Tower, 12 Farringdon Road, London EC1M 3NN +44 (0)20 7452 5300 _______________________________________________ Yale CAS mailing list [email protected] <mailto:[email protected]> http://tp.its.yale.edu/mailman/listinfo/cas <http://tp.its.yale.edu/mailman/listinfo/cas> -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia <http://www.linkedin.com/in/scottbattaglia> This email is confidential and may also be privileged. If you are not the intended recipient please notify us immediately by telephoning +44 (0)20 7452 5300 or email [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> . You should not copy it or use it for any purpose nor disclose its contents to any other person. Touch Local cannot accept liability for statements made which are clearly the sender's own and are not made on behalf of the firm. Touch Local Limited Registered Number: 2885607 VAT Number: GB896112114 Cardinal Tower, 12 Farringdon Road, London EC1M 3NN +44 (0)20 7452 5300 _______________________________________________ Yale CAS mailing list [email protected] <mailto:[email protected]> http://tp.its.yale.edu/mailman/listinfo/cas <http://tp.its.yale.edu/mailman/listinfo/cas> -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia <http://www.linkedin.com/in/scottbattaglia>
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
