Chris, They don't need proxying. Let's suppose the following exists:
Application A -> Utilizes CAS A Application B -> Utilizes CAS B If a user attempts to access Application A, he (or she) will be redirected to CAS A to authenticate and then (assuming success) sent back to Application A. If the user then attempts to access Application A, the user will be redirected to CAS B. At this point, you can have CAS B either (a) ask for credentials or (b) act as a client to CAS A. What (b) means is that following the basic protocol, CAS B will redirect to CAS A with a service URL which would most likely be the URL that Application B redirected to.[1] CAS A would recognize the existing session (or ask for credentials if they session expired) and redirect back to CAS B. CAS B would need to be configured to look for service tickets and validate them. We don't have any built in support for that, but you would basically need to write a NonInteractiveCredentialsAction and an AuthenticationHandler to process the credentials. From that point, the ticket is treated like any other form of credentials. -Scott [1] The best way to do this may be to use the existing Java client which would allow you to use the gateway feature which could allow you to check if a session exists at A and use it if it does, otherwise go to B for the credentials. On Nov 26, 2007 5:03 PM, Chris Brooks <[EMAIL PROTECTED]> wrote: > Hi, > > I'm trying to get trusted authentication to go between two CAS servers. > That is, a user might hit an application that uses the one server, > then hit an application that uses the second server and I want that > server to trust the session that is already in place. > > Can someone poke me in the right direction for this? Do I set the > servers up to proxy validate against one another? > > Thanks, > > Chris > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
