What is the procedure to obtain CAS between my website and my discourse instance?

Prerequisites:

  • Functioning CAS server that returns username and email address
  • CAS server is using SSL (for testing you can disable this; see here)
  • Read through the first post of the Official Single-Sign-On for Discourse

Ok by “My website” do you mean your CAS server? If so how it works is:

  1. You hit the login button on your discourse site or the site is set to require login to access.
  2. Discourse packages a payload up containing the url of the discourse site to return to and a light encryption key.
  3. Your browser is now redirected to the SSO url configured in discourse and the above package is sent along.
  4. The discourse_cas_sso app receives the package and stores it and redirects you to the CAS server.
  5. When you return to the discourse_cas_sso app there is a package of data from the CAS that lets discourse_cas_sso know that you are logged in and at minimum your email address and username.
  6. The email address and username along with other information is packaged up using the encryption key sent by discourse and sent back to the discourse using the return url from the original package.
  7. Discourse uses this information to either log the person in by matching the email address or creates a new user with this information and logs them in.

With that out of the way can you tell me what you have done so far?

4 Likes
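The middle of this flow (receiving the package from Discourse, then returning the user's details) is sketched below as an added example; it is not code from the post or from discourse_cas_sso. It assumes the documented Discourse SSO scheme, in which the payload carries a nonce and a return URL and is signed with HMAC-SHA256 under a secret configured on both sides; the secret, URL and user values are constructed.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode

# Assumption: the same value is configured as the SSO secret in Discourse.
SSO_SECRET = b"constructed-shared-secret"

def sign(payload_b64: str) -> str:
    """Hex HMAC-SHA256 over the base64 payload, as Discourse SSO expects."""
    return hmac.new(SSO_SECRET, payload_b64.encode(), hashlib.sha256).hexdigest()

def parse_request(sso: str, sig: str) -> dict:
    """Steps 3-4: check the signature before trusting anything in the payload."""
    if not hmac.compare_digest(sign(sso).encode(), sig.encode()):
        raise ValueError("SSO payload signature mismatch")
    fields = parse_qs(base64.b64decode(sso).decode())
    return {"nonce": fields["nonce"][0],
            "return_sso_url": fields["return_sso_url"][0]}

def build_response(req: dict, cas_user: dict) -> str:
    """Steps 5-6: package the CAS attributes, echo the nonce, sign, redirect."""
    payload = urlencode({
        "nonce": req["nonce"],                # ties the reply to this login attempt
        "email": cas_user["email"],
        "external_id": cas_user["username"],  # assumption: CAS username is the stable id
        "username": cas_user["username"],
    })
    payload_b64 = base64.b64encode(payload.encode()).decode()
    query = urlencode({"sso": payload_b64, "sig": sign(payload_b64)})
    return req["return_sso_url"] + "?" + query

def demo() -> str:
    # Constructed request, shaped like the one Discourse sends in step 3.
    raw = urlencode({"nonce": "abc123",
                     "return_sso_url": "https://forum.example.com/session/sso_login"})
    sso = base64.b64encode(raw.encode()).decode()
    req = parse_request(sso, sign(sso))
    # Constructed attributes, standing in for what the CAS server returns.
    return build_response(req, {"username": "alice", "email": "alice@example.com"})

if __name__ == "__main__":
    print(demo())
```

A request whose signature does not verify is rejected before its return URL is read, so the app only redirects to a URL that Discourse itself signed.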