CAS working with multidomain

[Pablo Vidaurri]

planning to have a dedicated login domain such as https://login-newco.com/cas/login

I also plan on having multiple regional domains such as 

• https://www.newco.com
• https://www.newco.cn
• https://www.newco.eu

I also have multiple web contexts including APIs behind a cas client endpoint for each regional domain such as:

• https://www.newco.com/users/v1
• https://www.newco.eu/users/v1
• https://www.newco.eu/products/v1

They are all configured to use Saml11AuthenticationFilter and Saml11TicketValidationFilter.

When have everything under 1 domain including login (no https://login-newco.com/cas/login) but just https://newco.com/cas/login all works fine. But I get CORS issue on the client side when trying to use a separate login domain with regional application domains:

Reason: CORS header ‘Access-Control-Allow-Origin’ missing

Not sure how to proceed. Hopefully I'm not hitting a limitation on CAS.