Hello all,
I am a long-time CAS user, but this is the first time I am setting up a new CAS deployment myself. I plan to start my setup with the current development 6.1.0 release candidates.
I would have thought this question had been asked before, but searching here I can't seem to find it, so here goes...
The primary purpose of this CAS deployment will be to authenticate users to a SaaS product. We expect about half the users to be using our internal authentication (JDBC to PostgreSQL) and the other half to be using their own authentication (most of them will probably be ADFS) through Delegated Authentication.
The issue I have is that we can't have users who use Delegated Authentication have to look for their server on the list of Delegated Authentication providers, and we can't allow users who visit the login page to see a list of half of our clients right there to choose from.
What I would like to do is what Google and Microsoft have implemented for their login systems, namely that when you come to the login page you only see a box for "Email Address". After you enter your email address, we parse out the domain from it and check which authentication method to use for that domain. If it will be internal database authentication, we redirect to a form with a password field, and if it will be external authentication we redirect to the appropriate service.
I assume that I should be able to do this, most likely using Webflow Customization, but I really have no idea where to start.
I was wondering if anyone has done this before who can share some code and/or tips, or if anyone has any other recommendations.
Thanks,
Moshe