Hello I was wondering about some of the visibility and security issues of a seamless CAS login. When a user logs into CAS they benefit from SSO into other apps but do they know they are still logged into CAS when they logout of that app?
I know that the recommendation is to always close your browser (esp at kiosk machines..) but I was wondering if anything could be done to make CAS more top of mind and if anyone does this? 1 I was thinking about browser extensions tracking your CAS session and indicating you are logged in and found this https://wiki.jasig.org/display/[email protected]/CAS+Aware+Firefox+Toolbar+Extension+Experiment 2 Or that users are redirected to a page on there way "You are being redirected to an application protected by 'CAS'. Please close you browser before you leave this machine...." 3 Redirecting users to a page if they log out of the app with a CAS server logout link on the page... 4 Something more whizzy and complicated. I was wondering if anyone has tried any of these options beyond the "close your browser" advice? Cheers -- View this message in context: http://jasig.275507.n4.nabble.com/Bring-CAS-login-to-the-fore-tp2279276p2279276.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
