1. You are authenticated by CAS and you get a ticket. 2. You return to the webapp with that ticket. 3. You show the ticket to the gate keeper. 4. The keeper don't know whether the ticket is fake, so he request CAS to validate the ticket (/validate or /serviceValidate). 5. CAS responses the keeper the ticket is real or fake. 6. The keeper decides whether to allow you enter the webapp.
You have to modify your authenication program (the gate keeper). Regards, Shi Yusen/Beijing Langhua Ltd. 在 2009-05-04一的 23:17 +0530,Venka Ashtakala写道: > I am very new to CAS and I had a question about how its 'Single Sign > On' is supposed to work: > > I have setup a CAS 3.3.2 server and it is up and running without any > modifications, ie, to login I just use the same username and password. > I have CASified a Java Web application. > > When I access the login page of the Java web application, the browser > is redirected to the CAS server, where I login and am returned to my > Java web app so that is working as it should. However, if I login to > the CAS server first, then try to access my Java web app, it does not > seem to know that I have already authenticated with CAS and it directs > me to the CAS server to login again? It was my understanding that > once I have authenticated with CAS, if I access any other applications > that have been CASified they should "know" that I have already > authenticated and not forward me back to the login page. Do I need to > configure something on the CAS client or on the CAS server? > > Thanks, > Venka > > -- > Venka Ashtakala, B.Eng, G.C. Eng > Venka Ashtakala & Associates > Software Development Consultants > [email protected] > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
