CAS 5.2 delegate authentication to custom CAS 3
116 views
Skip to first unread message
Diego Henrique Pagani
Mar 22, 2018, 4:52:34 PM3/22/18
to CAS Community
Hello,
I have a problem guys:
We have an legacy CAS3, witch has some customizations inside the source code and some application that only authenticate with this specific CAS (Let's call it app1).
Recently, I configured a new CAS5, some applications (Let's call app2) usign Oauth2 protocol to communicate with CAS5 and everything is working fine, until now.
We need a SSO session between app1 and app2, but app1 only uses CAS3 and app2 only uses CAS5. So, I have configured CAS5 to delegate authentication to CAS3,
witch is working but I have to click on the login screen to redirect to CAS3. Is it possible to redirect to cas 3 directly?
Man H
Mar 22, 2018, 5:18:06 PM3/22/18
to cas-...@apereo.org
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6865a0ec-5190-4eca-beb3-929d3ab4f9fd%40apereo.org.
Diego Henrique Pagani
Mar 26, 2018, 10:21:31 AM3/26/18
to cas-...@apereo.org
I've already read that but it doesn't explain how it works.
I saw on cas properties four parameters that I've set to several values and nothing changes.
In other versions, we have to (I found it on https://wiki.jasig.org/download/attachments/48596744/How+to+Trust+Another+CAS+Server.pdf?version=1&modificationDate=1321479461428 but it's from 2011) :
1 . Set the trusted authentication handler
2. Modify the spring webflow login
3. The use of CAS "gateway" mode
My SSO sessions is working, I can login on CAS3 and it get back to my applications(using CAS5 as a bridge). My problem is to set CAS5 to ignore the login page and go directly to CAS3.
Em qui, 22 de mar de 2018 às 18:18, Man H <info.i...@gmail.com> escreveu:
2018-03-22 17:52 GMT-03:00 Diego Henrique Pagani <dhpa...@gmail.com>:
Hello,I have a problem guys:We have an legacy CAS3, witch has some customizations inside the source code and some application that only authenticate with this specific CAS (Let's call it app1).Recently, I configured a new CAS5, some applications (Let's call app2) usign Oauth2 protocol to communicate with CAS5 and everything is working fine, until now.We need a SSO session between app1 and app2, but app1 only uses CAS3 and app2 only uses CAS5. So, I have configured CAS5 to delegate authentication to CAS3,witch is working but I have to click on the login screen to redirect to CAS3. Is it possible to redirect to cas 3 directly?
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6865a0ec-5190-4eca-beb3-929d3ab4f9fd%40apereo.org.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifnk8%2B2m%2Bt_subG_XXGj_rddzRzdwNkQAzcx7C-9SPjHg%40mail.gmail.com.
Diego Henrique Pagani
Diego Henrique Pagani
Mar 26, 2018, 10:21:31 AM3/26/18
to cas-...@apereo.org
Hi, after I read at documentation on 'Delegate Authentication' :
User Interface
All available clients are automatically displayed on the login page as clickable buttons. CAS does allow options for auto-redirection of the authentication flow to a provider, if only there is a single provider available and configured.
I've removed all the authentication method and set cas.authn.pac4j.autoRedirect=true and everything works fine.
Thanks
Diego Henrique Pagani
Man H
Mar 27, 2018, 4:20:07 AM3/27/18
to cas-...@apereo.org
Configure cas3 with trusted authentication.
I've already read that but it doesn't explain how it works.I saw on cas properties four parameters that I've set to several values and nothing changes.In other versions, we have to (I found it on https://wiki.jasig.org/download/attachments/48596744/How+to+Trust+Another+CAS+Server.pdf?version=1&modificationDate=1321479461428 but it's from 2011) :1 . Set the trusted authentication handler2. Modify the spring webflow login3. The use of CAS "gateway" modeMy SSO sessions is working, I can login on CAS3 and it get back to my applications(using CAS5 as a bridge). My problem is to set CAS5 to ignore the login page and go directly to CAS3.
Em qui, 22 de mar de 2018 às 18:18, Man H <info.i...@gmail.com> escreveu:
2018-03-22 17:52 GMT-03:00 Diego Henrique Pagani <dhpa...@gmail.com>:
Hello,I have a problem guys:We have an legacy CAS3, witch has some customizations inside the source code and some application that only authenticate with this specific CAS (Let's call it app1).Recently, I configured a new CAS5, some applications (Let's call app2) usign Oauth2 protocol to communicate with CAS5 and everything is working fine, until now.We need a SSO session between app1 and app2, but app1 only uses CAS3 and app2 only uses CAS5. So, I have configured CAS5 to delegate authentication to CAS3,witch is working but I have to click on the login screen to redirect to CAS3. Is it possible to redirect to cas 3 directly?
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6865a0ec-5190-4eca-beb3-929d3ab4f9fd%40apereo.org.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifnk8%2B2m%2Bt_subG_XXGj_rddzRzdwNkQAzcx7C-9SPjHg%40mail.gmail.com.
----Diego Henrique Pagani
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALwCSESy4xx7CAeY59j8voEKThxLTGfM3F9CznFuzeVtA1cdZg%40mail.gmail.com.
fatima
Jan 17, 2019, 4:36:27 PM1/17/19
to CAS Community
Hi Diego,
I am new to CAS3 and I have to delegate authentication from the legacy CAS3 to CAS5. I can see that you have succeeded to build something similar. Can you please send me some insights on how I can proceed. Thank you
Reply all
Reply to author
Forward
0 new messages