Am Samstag, den 14.08.2010, 10:10 -0400 schrieb Scott Battaglia: > The username is not exposed to an application until after they've > validated a ticket. Is there any security reason for holding back that information? I think I saw the username in the saml/google-logic together with a ticket. > > > If you want to change the ticket parameter you'd have to write your > own custom JSP pages that returns the POST response. Thougt so. > > > On Fri, Aug 13, 2010 at 4:14 AM, Felix Schumacher > <[email protected]> wrote: > On Thu, 12 Aug 2010 09:13:06 -0400, Scott Battaglia > <[email protected]> wrote: > > You may be falling prey to an existing bug: > > > https://issues.jasig.org/browse/CAS-868 [1] > Right, I changed the webflow according to the bug entry and I > get the > ticket posted. > > Now is there an easy way to get the userid posted, too? > Besides that I > would like to change > the name of the key "ticket" to something else. > > > > Also, I would recommend updating to 3.4.2.1 > > I will do so shortly. > > Thanks > Felix > > > > Cheers, > > Scott > > > > On Thu, Aug 12, 2010 at 7:27 AM, Felix Schumacher wrote: > > Hi, > > > > I have installed successfully a CAS Server (Version 3.4.2) > and got SSO > > working with phpCAS, pam_cas and Soulwing Realm > Implementation. > > > > Now I would like to integrate a legacy app, for which I > think it would > > be > > possible to use a FORM-Based login using method=POST and > have the > > ticket > > (and hopefully the username) verfied by an external > service, which we > > could > > provide. > > Unfortunately I didn't get any parameters posted in my > simple login > > form. > > > > I did the following: > > > > * Implement a simple login-page to represent my legacy > app. > > > https://appserver/login [3] > > This page just echoes back the given parameter, so that I > can verify > > the posted Data. > > * Called the CAS Server login page with parameters service > and method > > like > > > > > > > > https://casserver/cas-server/login?service=https://appserver/login&method=POST > > > [4] > > > > The Browser was correctly redirected to the legacy app > > > https://appserver/login [5], but no data was posted. At the > same time > > there was > > no ticket get parameter. > > > > Do I have to configure anything else? Can I influence the > parameter > > names > > or values while sending th initial request to the CAS > server? > > > > Bye > > Felix > > > > -- > > > You are currently subscribed to [email protected] > [6] as: > > [email protected] [7] > > To unsubscribe, change settings or access archives, see > > > http://www.ja-sig.org/wiki/display/JSG/cas-user [8] > > -- > > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user
-- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
