The easiest way to do this is to modify casLoginView.jsp to accept credentials via the GET query string, and then set up your non-CASified app to redirect users to CAS URLs containing said credentials. This is not secure in the slightest, hence why CAS doesn?t accept credentials through GET by default.
The other way would be for the non-CASified app to do the CAS login for the user, and then redirect the user to a custom pickup endpoint that drops the TGC and session ID in the browser before redirecting to the destination URL. We do this as a temporary solution with a portal application that already has its own SSO method and which we will soon replace with a CAS-enabled system; we added just enough so that it can sign users into CAS, and from there to all other CAS-enabled applications using essentially the same configuration. In both cases the non-CASified app must store the users? passwords. If the app doesn?t store credentials, or you don?t want it to do so, you could probably use something like Toro Gateway[1] together with CAS and ClearPass as a login fa?ade for the non-CASified app. I?d go for this solution myself. Best regards, -- Carlos. [1] https://code.google.com/p/toro-portal/wiki/Gateway_SSO_Portlet From: Joshua Brodie [mailto:josbro...@gmail.com] Sent: Thursday, 13 March, 2014 22:07 To: cas-user@lists.jasig.org Subject: [cas-user] Creating a CAS Session ---> From Another Application Hi List. We have a web application that is not integrated to CAS, but authenticates users against the same directory - i.e. user have same login name/passwords. When a person authenticates to the non-CASified application, is there a way to SSO to a CAS integrated application - i.e. user will not have to enter login/password again? Thanks. -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
