Hi, We have a use case where we would like to have CAS perform an authentication check against an openid connect server before falling back to a standard CAS login page.
The scenario is: 1. User visits a CAS protected app 2. User is redirected to CAS 3. CAS uses an openid connect authentication request to a configured server, using prompt=none 4. If the oidc authentication succeeds - the user is authenticated - redirect back to the app with TGT and ST 5. If the oidc authentication fails (no authentication yet, and no login ui allowed due to prompt=none) fall back to the standard CAS login page The oidc configuration in this documentation below is close, except that the user must choose to click on the oidc client at the CAS login page. http://jasig.github.io/cas/development/integration/Delegate-Authentication.html Can CAS 4.1 be configured to use a "prompt=none" oidc authentication request as an "authentication handler"? If so, how would this be done? Thanks Dale -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
