Adam Rybicki a écrit :
Hi,There is obviously something wrong if you are forced to authenticate more than once. However, CAS should not be affected by domain names. Did you change anything in the configuration of the ticketGrantingTicketCookieGenerator bean in cas-servlet.xml?
I haven't changed anything in servlet.xml.
The default configuration causes the browser to send the TGC only to the same server where it got the cookie. This sounds like the the option you should be using. If the TGC is not sent to CAS on subsequent service authentication requests, what could be invalidating or removing that cookie?
I think, the solution is to use CAS with virtualHost by domain. Regards -- Yannick Quenec'hdu EJBCA PKI Project - http://www.ejbca.org "Open Minds. Open Doors. Open Source."
Adam Yannick Quenec'hdu wrote:Hi, I would know, if I can use CAS in an environment multi-domain (DNS) ?My architecture is as follows, I have a CAS which protects two services, each service is in a different domain DNS. To each time, I pass from a service towards the other, I must negotiate my TGC again. Thus to authenticate me once again, awkward for a SSO…This problem provide by brower, who manages one cookie by domain, not possibile to mange a multi-domain cookie.Somebody know a solution to resolv this ? Regards. ------------------------------------------------------------------------ _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
