Hello, I am running CAS 5.2.2.
I have successfully configured CAS to use pac4j for delegated authentication. Specifically CAS/pac4j is configured as a SAML SP. When I browse to a CAS client I am redirected to the CAS server login page. I can then click a button to kick off the SAML flow and am redirected to the SAML IdP for authentication. After returning to the CAS/pac4j SAML SP I am then redirected to the CAS client with a ticket, which is later validated and I successfully access the resource. I would like the delegated SAML authentication flow to be the only CAS authentication mechanism and I would like it so that I do not have to click a button to kick off the SAML flow. Ideally the user would never "see" the CAS server at all. I thought this configuration would make that happen: cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=true cas.authn.policy.req.handlerName=Pac4j cas.authn.policy.req.tryAll=false cas.authn.policy.req.enabled=true cas.authn.accept.users= With this configuration I still see the login page and have to click a button to cause the SAML flow. Is it possible to have the SAML flow start immediately without having to click the button? If so what configuration do I need? Thanks, Scott K -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/e93b3d08-8bf3-42e3-b7e0-5e856b8f8af8%40apereo.org.