CAS works in conjunction with an authorization framework within your application.
For example, the CAS Server can return attributes about the user. The basic CAS client integrates with the JEE security APIs to provide authorization that way. Spring Security can use the attribute information to make authorization decisions. The authz decisions are not made on the CAS Server side though. Its delegated to the applications. Cheers, Scott On Wed, Dec 15, 2010 at 8:37 AM, Rene Richard <[email protected]>wrote: > Hello, > > I haven't read anything yet about CAS having the ability to grant access to > certain portions of a web site to certain user groups and deny access to > other groups. Is this functionality something CAS supports? > > Thanks > > R. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
