New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Google style SSO login #74
Comments
Single Sign On perfectly work out of the box with django-cas-ng and jasig CAS (unless the user checked "Warn me before logging me into other sites."). I never used mama-cas so I don't know if there is a special manipulation to do to get SSO to work. Did you add the urls of you apps A, B, C to the list of allowed services on the CAS ? Beware, SSO is sometimes used to refer to SIngleSignOn and sometimes to SigleSignOut cf https://wiki.jasig.org/display/CASUM/Single+Sign+Out so it can be confusing |
@nitmir Can you explain the flow from client side in case of single sign on in django-cas-ng? Because at the moment I am using a cookie based solution to make it work, but I would rather prefer not to do it this way. I know I must be surely missing something in configuration. |
@Rajesh-Yogeshwar If the client is already authenticated to the cas and want to access service A, the following happen : If the client is not authenticated to the CAS https://cas/login?service=A should display a login form, when on successful login to the cas the user is redirected to https://A?ticket=ST-SQjd… Usually all services and the CAS are on different domains but that's not mandatory and I have a couples of services on the same domains working fine. Just be careful that a service A do not erase some cookies of service B (for example service A and B on the same domain should not use the same cookie name to handle sessions or else the user wont be able to login service A and B in the same time) Indeed if you use the CAS to authenticate user, you should not need some shared cookies across services. |
This is the kind of explanation that needs to be in readme. I am working on my dev machine and every thing is hosted on localhost. So probably because of this I am not able to get it working. Thank you for a good explanation |
@Rajesh-Yogeshwar it is working in production? If i use different cookie session name is working? |
@morocarlo Yes. I got it working. But what I did was take idea from explanation provided by @nitmir and rolled my own little solution. Its been working on my company's private applications for more than a year. |
Hi, @Rajesh-Yogeshwar, i can't log in automatically with differents domains, how you do that? |
@diegoduncan21 I am on same domain, only different subdomains. @nitmir has explained it how it should be done. |
Well, first thing I couldn't come up with better title for issue so apologies. Now, to the situation I have django-mama-cas as my cas server, and I am using django-cas-ng on three other applications. I have followed instruction for django-cas-ng as specified on your github page. A simple scenario, my apps are A, B, C when I successfully login into A then switch to tab and request login page for B I should be logged into B automatically(If I am not wrong this is what SSO is meant to do). How using django-cas-ng and django-mama-cas I can achieve this?
The text was updated successfully, but these errors were encountered: