At my place of employment, we do not control what applications are CAS authorized, but have existing CAS authorization for an application hosted at foobar.com/app-one.
When a user signs into this, they are correctly authenticated, and are served the application. Recently, we have added a new application, foobar.com/app-two. Unfortunately when signing in, the user is served a message "Application Not Authorized to use CAS". For reference, both of these have CAS server validation disabled.
However, if a user accesses foobar.com/app-one, authenticates themselves, then navigates to foobar.com/app-two, the page is served without issue.
How would I have an unauthenticated user access app-two, get directed to the authorized login component of app-one, and then be redirected to app-two?
EDIT: Could I pass a new redirect location in my request or something similar?