On 2011-09-02 05:37 , Rhett Sutphin wrote:
* User clicks on a login link, which brings up the lightbox with CAS in an iframe within. (If the user has JS disabled, this link goes to the usual full-page CAS login.) * The user logs into the iframed CAS login page.
With an iframe, does the browser display the SSL-authenticated CAS host name? I suppose most users don't bother to look at that, but it would be a shame to take away their ability to see who they're giving their password to.
Cheers, 11011011 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
