I think we can manage to present the Kerberos TGT content as a cooky file such
than CAS may found it.
My question was abount the work on the genericHandler, as already adapted to
use Kerberos authentication, to use this ticket. The CAS client part adaptation
to use the TGT instead of displaying authentication form may not be the harder.
________________________________
De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Scott
Battaglia
Envoyé : jeudi 31 janvier 2008 19:58
À : Yale CAS mailing list
Objet : Re: kerberos authentication and computer login
Michel,
If the web browser that your organization uses will expose the Kerberos
TGT (or generate something else that is needed) such that CAS can obtain it
from the request, then you can use it. I'm not sure which, if any browsers do
that.
Thanks
-Scott
On Jan 31, 2008 12:39 PM, Sauvard, Michel <[EMAIL PROTECTED]> wrote:
Hello, I check if we can use CAS.
Our concern is to avoid a login on the computer then the CAS
connection.
If we use Kerberos authentication, for both computer login
(UNIX PAM, Windows pGINA) and CAS
The computer login gives a Kerberos TGT.
Do you think we have a lot of work, if any, to use this ticket
instead of user/password to obtain the CAS TGC without displaying an
authentication form.
Best regards
Michel SAUVARD
EDS - France
Département Solution et Service en Sécurité Publique (D3SP)
190, rue Claude-Nicolas LEDOUX
BP 83000 - 13793 Aix-en-Provence Cedex 3 France
* +33 (0)4 42 39 39 05
* mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
