HTTP Request in CAS security context

No replies
Fri, 11/07/2008 - 12:33
lano
lano's picture
User offline. Last seen 3 years 11 weeks ago. Offline
Joined: 11/07/2008
Posts: 1
Groups: None

Hi,

I have done a little web application integrating Divx Web player plugin. For security purposes, I put CAS authentication on it.

When I put a cas filter on the video resource (src param), the plugin can't read it.

the question is : Does the http request include cookie information ? Cause I think CAS stores session ID into a cookie variable.

I can put CAS filter on all but the video resource (src link).

I didn't try last beta versions - maybe they solve this problem(?). I saw for the new https support. this is awesome guys !

Thanks for your support.

Change :
I made the checks by dumping TCP Packets.
I was right, the fact is that the plugin send a first request with cookie info (I assume a kind of availability check) and a second one to get the video but without any information. That is my problem.

Top