How to Overcome Cross-domain Issues for Ajax Calls to CAS-protected Resources?

Question

What are potential solutions to a redirection problem that occurs when trying to make AJAX calls to a CAS-protected, SSL-encrypted resource located on a server different fro

Answer 1

I have 2 suggestions:

• can you set up a proxy script on the same domain as the one that holds the JS code? That way the proxy script would query the CAS and return desired results
• can you enable JSONP? this type of request is not limited by the security policy (but then anyone could use the service)