To add to what Adam said, make sure you are communicating with the CAS server over SSL. The Ticket Granting Cookie is only sent over SSL. You will not have an SSO session if you are communicating over an insecure channel.
-Scott On 10/12/07, Adam Rybicki <[EMAIL PROTECTED]> wrote: > > Hi, > > There is obviously something wrong if you are forced to authenticate more > than once. However, CAS should not be affected by domain names. Did you > change anything in the configuration of the > ticketGrantingTicketCookieGenerator bean in cas-servlet.xml? > > The default configuration causes the browser to send the TGC only to the > same server where it got the cookie. This sounds like the the option you > should be using. If the TGC is not sent to CAS on subsequent service > authentication requests, what could be invalidating or removing that cookie? > > Adam > > Yannick Quenec'hdu wrote: > > Hi, > > I would know, if I can use CAS in an environment multi-domain (DNS) ? > > My architecture is as follows, I have a CAS which protects two services, > each service is in a different domain DNS. > To each time, I pass from a service towards the other, I must negotiate my > TGC again. Thus to authenticate me once again, awkward for a SSO… > > This problem provide by brower, who manages one cookie by domain, not > possibile to mange a multi-domain cookie. > > Somebody know a solution to resolv this ? > > Regards. > > ------------------------------ > > _______________________________________________ > Yale CAS mailing list > [EMAIL PROTECTED]://tp.its.yale.edu/mailman/listinfo/cas > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
