Hey everyone-
We are in the process of rolling out CAS as our internal SSO mechanism, but
it will only affect a subset of our existing web applications for the first
release. Essentially, I need to CAS-ify one of our applications such that
is aware of whether the user was authenticated by CAS (or one of our legacy
mechanisms).
My initial thought is to add a cookie at Login time via CAS asserting that
the user was authenticated by CAS. This cookie would then be used by
downstream CAS-ified apps to determine whether to request the CAS service
ticket, or to use one of the other mechanisms.
I considered one of the existing CAS cookies, but CAS and the service will
not reside on the same fully-qualified domain.
https://cas.mycompany.com
http://service.mycompany.com
I figured that I would set the new cookie at the base domain, i.e.:
Request.Cookies.Add("*.mycompany.com", authenticatedByCasCookie)
Any thoughts on this approach and/or tips on how to extend CAS to support
this?
Thanks!
-Chris Hatton
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
