We have an authentication issue on CAS 6.2 on Safari browsers, more generally on iOS devices. Each client has correctly configured its own iframe and customizations on the service part on CAS. The federated sites all have different domains and all call the same server:
www.mysite1.com -> CAS.casdomain.com/cas/login... www.mysite2.com -> CAS.casdomain.com/cas/login... .... www.mysiteN.com -> CAS.casdomain.com/cas/login... SSO works perfectly as long as the user is not using an iPad or iPhone. In this case the default "prevent cross-site checking" setting is disabled and does not allow the iframe to set the cookie correctly. How can I fix this on the server side? Is it possible to manage the virtual hosts on Tomcat on the CAS Server or is there an alternative solution? In fact I was thinking to configure the virtual hosts so that each site calls the CAS with the same domain: www.mysite1.com -> CAS.mysite1.com/cas/login... www.mysite2.com -> CAS.mysite2.com/cas/login... .... www.mysiteN.com -> CAS.mysiteN.com/cas/login... and properly configuring Tomcat to redirect each call to the same CAS application. Thank you very much Giuseppe Translated with www.DeepL.com/Translator (free version) -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0eafe31b-9753-403c-81e9-bf90b79b7f1en%40apereo.org.