Thanks Jason, I have now fixed my problem. My CAS filter on my Struts Bridge portlet/application backend was previously only targeted against "*.do" (i.e. all Struts actions) and when this was the case the XMLHttpRequests were failing.
I checked the response I was getting from the AJAX requests using Firebug and the requests were being redirected to the CAS login screen. I fixed my problem by adding "*.js" to the CAS filter so that when my portlet page loaded an invisible "single sign on" occurs. As you suggest, this appears to be piggy backing on the sso browser session and I imagine it is now passing additional cookie information that was not there before so that now requests to the backend application actually work! At least I think this is what is happening! :-/ Anyway it works now. Mark Jason Shao wrote: > On May 14, 2007, at 9:22 PM, tom tom wrote: > >> You can easiy use struts 2, which got AJAX and native >> portlet support. >> >> CAS is a sepeate this all together, > > Mark -- I think the direction you're going is allowing AJAX/JS calls > to CAS protected resources right? So this discussion is really > orthogonal to what framework/technology you're using in your portlets, > it's mostly an AJAX-level question. > > What kind of resources are you trying to access? I added some > (slightly) more detailed thoughts as a comment to your wiki page, but > it seems like you could piggyback on sso/browser sessions to get the > experience you're looking for. > > Jason _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
