On Thu, May 29, 2008 at 2:30 PM, Michael Ströder <[EMAIL PROTECTED]> wrote: > Alatalo, Antoni wrote: >> >> Is it possible to create authentication via kerberos and if not >> authenticated then username/password authentication? > > Yes, I did exactly this with CAS 3.2 (now 3.2.1) for SPNEGO/Kerberos5 > and fall-back to LDAP bind request for MS AD if SPNEGO wasn't successful.
Antoni & Michael, I confirm this is also working with older CAS release (3.0 and 3.1). This is also nice while using an extra step in the login webflow you can also give choice to user either to : - authenticate using SPNEGO (autologin feature) - authenticate using LDAP (manual authentication) or even JDBC or an other authentication handler... This allows the user to switch identities for WebSSO without proceeding a full logoff/logon on its Windows session. Regards, -- Arnaud Lesueur LinkedIn: http://www.linkedin.com/in/lesueur _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
