Setting useSession to false merely makes sure the Assertion isn't stored longer than the request. This would mean the next request would redirect to the CAS server. If a SSO session was already established then the user would not be prompted for a password.
The only scenario that fails is POST requests. Cheers, Scott On Wed, Feb 10, 2010 at 1:15 AM, Dallas <[email protected]> wrote: > > I don't think setting the useSession attribute to false is going to work > for > us, we don't want to prompt the user for a login everytime they navigate to > a page handled by the filter and I don't see any other way of requesting a > ST other than via the login prompt. Is there some other mechanism I could > use to get an ST? I was looking at the REST API but it looks like you need > the TGT to use that call and I don't have the TGT in the service app. > > Thanks for the suggestion though... > -- > View this message in context: > http://n4.nabble.com/CAS-ST-validation-after-authentication-tp1474581p1475433.html > Sent from the CAS Users mailing list archive at Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
