On Wed, Aug 25, 2010 at 7:28 AM, Patrick A. Treptau <[email protected] > wrote:
> Thank you for all your input. I have a short follow-up question: I > understand that you are all seem to be using a unified login with the same > look and feel that redirects the user to a page with a list of CASified > services. Are your users still able to use the original URLs (ie. > webmail.example.edu) and are then redirected to this one central login > portal? > > What happens, for example, they go to webmail.example.edu? User visits the > link, is redirected to this one unified CAS portal and then redirected back > to the service (ie. webmail) or are they redirected to a portal that lists > all the CASified services where the user has to click again on the various > services to get access? From a user experience I would assume the latter, > because otherwise how do people know what services are CASified and what > services are not. > > Thank you very much! > -Patrick > > Patrick A. Treptau > Sr. Systems Administrator > Swarthmore College > phone (610) 328-8508 > e-mail [email protected] > > That part is very much dependent on each application. We have some applications that have non-authenticated content (uPortal, JIRA, Confluence, home grown apps) in addition to protected content. So, for those apps when people hit public content, they just stay right where they are. If they hit protected content they are *typically* directed to CAS. But this will need to be on an app by app basis. For our portal, we have always thought we would have "public" tabs, so we don't immediately redirect the user to CAS. http://portal.csuchico.edu You have to click the login link. Our JIRA will simply detect that you're not authenticated and give you a login link. Our Confluence will immediately redirect you. Our users don't really "know" about CAS. It's just the screen that they put their username and password into. I know that sounds bad, but it's the way it is. We have apps that can't use CAS, and they go directly against LDAP (which is what backs CAS so the credentials are the same) and people know what to do. We've taught them that they only have one username and password. That has been the big win. Hope that helps, Pat -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
