At 04:31 PM 6/5/2009, William G. Thompson, Jr. wrote:
You should be able to get the CAS server to behave that way you described, but how will a UA ever get authenticated if CAS server always send them back to the Service. Can you elaborate a bit on your scenario and the rationale?
Sure. There are a few different ways this might be useful to me, but I think an example will be clearest. One of the applications we will CAS-ify is our online directory of people. We would like the directory to conceal some of the information from people who are not part of the university (students' photographs and room numbers, for example). But we certainly don't want to require authentication for using the directory. So what we'll do is have the directory check if the user is authenticated, but not force them authenticate, and simply filter what is shown based on that. Somewhere on the interface will be a link to the CAS login form so that university users who aren't authenticated but need the additional information can just login on the spot.
As John informed us, the CAS jargon for this is 'gateway': <http://tp.its.yale.edu/pipermail/cas/2005-October/001594.html>http://tp.its.yale.edu/pipermail/cas/2005-October/001594.html
______________________________________________________ Don Rea <[email protected]> (570) 577-3278 Web Application Developer Bucknell University Library and Information Technology ______________________________________________________ What if this weren't a hypothetical question?
-- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
