Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Corrected links that should have been relative instead of absolute.

[10:38:35 CST(-0600)] <chilversc_> I was wondering in the scenario where there are several trusted applications living under the same domain name, eg. example.org/app1 example.org/app2 example.org/cas if it were possible to sign in once with cas and make the other apps aware of this via the cookie itself?

[10:39:43 CST(-0600)] <chilversc_> mostly was wondering about the problem where you're using example.org/app1, you follow a link to example.org/app2 but app2 doesn't know you're signed in

[10:40:29 CST(-0600)] <chilversc_> which can be annoying if the page from app2 supports both anonymous and authenticated users but shows customized content to authenticated users

[10:42:56 CST(-0600)] <chilversc_> one thought I had for this was to set a cookie that was just a marker, so then app2 sees the cookie exists, sees it does not have its own session (via what ever means the app uses for this) so performs the standard authentication handshake

[13:02:57 CST(-0600)] <ozy_work> hello

[13:03:41 CST(-0600)] <ozy_work> no meeting this week?