<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>As a follow up, I tried to add that this should apply to all pages except for '/admin/*' but that was to no avail.</div><div><br class="webkit-block-placeholder"></div><br><div><div>On Feb 7, 2008, at 1:29 PM, Scott Matthews wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Yes. We're making a customized version based on the cas module.<div><br class="webkit-block-placeholder"></div><div>We basically do not want the user to have to forward to the login page. </div><div><br class="webkit-block-placeholder"></div><div>So David, I tried your suggestion and what I'm seeing is:</div><div><br class="webkit-block-placeholder"></div><div>I go to to the admin page not being authenticated and attempt to login as my admin</div><div>when I submit, the resulting page is not the admin page with the options available to me but rather my site's home page with the url as ' http://[domain_name]/?destination=admin '</div><div><br class="webkit-block-placeholder"></div><div>any Ideas?</div><div><br><div><div>On Feb 7, 2008, at 1:24 PM, Hainsworth, Shawn wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div> <div id="idOWAReplyText28187" dir="ltr"> <div dir="ltr"><font face="Arial" color="#000000" size="2">I want to jump in here. The Drupal user might not always exist. There are cases where CAS will authenticate a user that Drupal does not yet have in its User table. I know the module allows for creating new users with a configurable set of default roles, and we will need to use this functionality.</font></div> <div dir="ltr"><font face="Arial" size="2"></font> </div> <div dir="ltr"><font face="Arial" size="2">Also, the security model for this application is different than Drupal's typical security model. Typically, Drupal protects resources based on roles. So, i f you attempt to access a specific resource, Drupal will check if that resource is protected, and then check if the user is authenticated, and what their role is. The Drupal-CAS module also allows a set of URL patterns to be defined which will require authentication.</font></div> <div dir="ltr"><font face="Arial" size="2"></font> </div> <div dir="ltr"><font face="Arial" size="2">We are not requiring authentication based on resource or URL path. Rather, any page on the site may be accessed anonymously. However, there are additional features that are available if you are logged in.</font></div> <div dir="ltr"><font face="Arial" size="2"></font> </div> <div dir="ltr"><font face="Arial" size="2">Therefore, we are modifying the module to perform a CAS gateway check at the beginning of the user's session. So, Drupal authentication will only be used for administrators and content creators. Users of the site will not use Drupal authentication. Rather, they will use the CAS gateway check at the beginning of their session.</font></div> <div dir="ltr"><font face="Arial" size="2"></font> </div> <div dir="ltr"><font face="Arial" size="2">s.</font></div></div> <div dir="ltr"><br> <hr tabindex="-1"> <font face="Tahoma" size="2"><b>From:</b> Scott Matthews [<a href="mailto:smatthews@optaros.com">mailto:smatthews@optaros.com</a>]<br><b>Sent:</b> Thu 2/7/2008 1:00 PM<br><b>To:</b> <a href="mailto:support@drupal.org">support@drupal.org</a><br><b>Cc:</b> Hainsworth, Shawn; Ron Trevarrow<br><b>Subject:</b> Re: [support] Drupal CAS Configuration<br></font><br></div> <div><p><font size="2">Yes, I already have the accounts stored in Drupal for the people in <br>question. As for CAS, since I'm still in development I'm using the <br>basic functionality of the server for now where you can use any user <br>and the password is the username.<br><br>Yes, to some degree I do want both to work (i.e. allowing the admin <br>for Drupal to login without CAS authentication while other arbitrary <br>users are validated from CAS.<br><br><br><br>Scott Matthews<br>Senior Developer<br>Optaros, Inc.<br><a href="mailto:smatthews@optaros.com">smatthews@optaros.com</a><br><br><br><br><br><br>On Feb 7, 2008, at 12:52 PM, Metzler, David wrote:<br><br>> I'm the module maintainer, and can certainly help out here.<br>><br>> If you're using a module where just a few should be authenticated by <br>> cas, there's a couple of options here, but a couple of questions <br>> will be useful:<br>><br>> 1.) have you precreated the drupal accounts for these people? You <br>> don't have to, but it'll be helpful for me to give advice.<br>><br>> 2.) Are you looking for both drupal auth and cas auth to work?<br>><br>> Dave<br>><br>><br>> -----Original Message-----<br>> From: <a href="mailto:support-bounces@drupal.org">support-bounces@drupal.org</a> on behalf of Scott Matthews<br>> Sent: Thu 2/7/2008 09:15<br>> To: <a href="mailto:support@drupal.org">support@drupal.org</a><br>> Cc: Shawn Hainsworth<br>> Subject: [support] Drupal CAS Configuration<br>><br>><br>> <br>> Has anyone had much experience with the Drupal CAS module? I'm<br>> attempting to use it for an SSO implementation by integrating it into<br>> a site that I am developing where there is a central CAS server that<br>> will manage the users for all other sites we have. This Central CAS<br>> server will have access to a central repository of user login<br>> informaiton.<br>><br>><br>> The issue that I'm seeing is that there are a few specific users that<br>> I have that will be maintained by Drupal and when I attempt to Login<br>> as those users, it does not seem to authenticate me. Is this possible<br>> to have it set up this way? Am I barking up the wrong tree?<br>> --<br>> [ Drupal support list | <a href="http://lists.drupal.org/">http://lists.drupal.org/</a> ]<br>><br>> <winmail.dat>--<br>> [ Drupal support list | <a href="http://lists.drupal.org/">http://lists.drupal.org/</a> ]<br><br></font></p></div></div></blockquote></div><br></div></div>-- <br>[ Drupal support list | <a href="http://lists.drupal.org/">http://lists.drupal.org/</a> ]</blockquote></div><br></body></html>