-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I assume there is a reason you have not looked into this, but you did not mention it, so I thought I would ask: Why not simply tie App B to CAS A and be done with it? This is the route we are taking at UNI with the one application we have that shipped with it's own CAS server, and it is working out fantastically.
Jeff On 08/01/2011 09:12 AM, John Field wrote: > Hi all, > > I am currently running CAS 3.4.8, and I would like to have my CAS > server trust the login performed at another CAS server (3.4.2). > That is: > > App A trusts CAS A (3.4.8). App B trusts CAS B (3.4.2). > > I would like to have CAS A accept a service ticket issued by CAS B, > as proof of good authentication, and then have CAS A issue a TGT/ST > for application A. > > Is there any native support for this type of deployment? i.e. can I > accomplish this entirely through configuration, or would this require > writing custom code? > > We can make the simplifying assumption that the user population is > the same, i.e. both CAS servers share a common OpenLDAP back end, so > there is no worry about username collisions. > > Thanks, John Field > > - -- Jeff Chapin, Assistant Systems/Applications Administrator ITS-IS, University of Northern Iowa Phone: 319-273-3162 Email: jeff.cha...@uni.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk4/+yQACgkQQiaEUfQoY7QaPwCeJkoceLKB4r30C8/J34XW9GVy 8YoAn1QUW4juTfdeW7k7FAozHA2PoSYg =iB3R -----END PGP SIGNATURE----- -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
