CAS and multidomain environment


Alexandre Arcanjo de Queiroz

Oct 24, 2016, 2:12:46 PM
to CAS Community
Hi, I need some help.

I have a CAS server in domain https://mycompany.com/cas and 2 services: one in https://myapp.com/app (App1) and another in https://myapp.com/service (App2). The basic flow is:

(login) -> https://mycompany.com/cas (redirect to) -> https://myapp.com/app 

And App1 consumes XHR REST Web Services (Ajax) from App2. But in the first request to App2, App2 does not recognize it is not logged into CAS and needs a synchronous request to log in. I am using CORS and I added these headers in Nginx:

        add_header Access-Control-Allow-Origin "$http_origin";
        add_header Access-Control-Allow-Headers 'origin, x-requested-with, content-type';
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Credentials 'true';

This flow is OK in Chrome, but in Firefox the browser uses the OPTIONS HTTP method. Any idea how to configure or customize CAS to support multidomain?

Pascal Rigaux

Oct 26, 2016, 3:13:31 AM
to cas-...@apereo.org
Hi,

AFAIK you may have cookies on the first CORS request, but after a 302 no more cookies.
So a direct CORS request to CAS, with CAS accepting CORS, should work.
If CAS 302s to your app, on the same domain, it should work too.

Could you tell us more?

NB: as for me, I use JSONP for login, then CORS afterwards.


--
Pascal Rigaux

Expert in application development and deployment
DSIUN-SAS (applications and digital services department)
Université Paris 1 Panthéon-Sorbonne - Centre Pierre Mendès France (PMF)
B 402 - 90, rue de Tolbiac - 75634 PARIS CEDEX 13 - FRANCE
Tel: 01 44 07 86 59
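
An added example, not part of either post or of the CAS project: the first post's CORS headers restricted to an origin allowlist, with the OPTIONS preflight answered by Nginx itself. The `https://myapp.com` origin is taken from the post; the upstream address and the use of `location /` are assumptions.

```nginx
# --- http {} context ---
# Echo the Origin back only when it is on the allowlist. Reflecting
# $http_origin unconditionally together with Allow-Credentials: true lets
# any site read authenticated responses with the user's cookies.
map $http_origin $cors_origin {
    default              "";            # unknown origin: header is not emitted
    "https://myapp.com"  $http_origin;  # origin of App1, from the post
}

# --- inside the existing server {} block ---
location / {
    # Browsers send the preflight without cookies, so it must not reach an
    # authentication filter that would answer with a 302 to the login page;
    # a redirect on a preflight makes the browser abort the real request.
    if ($request_method = OPTIONS) {
        # add_header is not inherited into a block that sets its own
        # headers, so the full set is repeated here.
        add_header Access-Control-Allow-Origin      $cors_origin always;
        add_header Access-Control-Allow-Credentials 'true' always;
        add_header Access-Control-Allow-Headers     'origin, x-requested-with, content-type' always;
        add_header Access-Control-Allow-Methods     'GET, POST, OPTIONS' always;
        add_header Access-Control-Max-Age           600 always;
        add_header Vary                             Origin always;
        return 204;
    }

    # Actual requests: "always" keeps the headers on error responses too,
    # so the calling script can see a 401 instead of an opaque CORS failure.
    add_header Access-Control-Allow-Origin      $cors_origin always;
    add_header Access-Control-Allow-Credentials 'true' always;
    add_header Vary                             Origin always;

    proxy_pass http://127.0.0.1:8080;   # assumed upstream, placeholder
}
```

The calling script still has to set `withCredentials` on the XHR for the cookies to be sent on the actual request.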