I'm in the middle of building a new CAS system for my employer, and one of the requests is to have different timeout(s) for the TGT based on the user's IP, the idea being that when the IP is in a designated "public lab" range, the timeout is lessened. (Numbers floating around are something like 8 hours normally and 3 hours when coming from a lab computer). I've searched around a bit, and I'm not sure what the best way to accomplish this would be (certainly seems doable, however). Unfortunately, we're not super familiar with programming in Java so I'd like to avoid code if possible.
Looking around, the following link on the wiki (https://wiki.jasig.org/pages/viewpage.action?pageId=13570204) seems to basically what I want to do (minus putting control in the users' hands), but the code snippet of the UsernamePasswordCredentials extension doesn't seem to be present so I'm not sure how trivial it is. Also, it seems like that I could in theory use the built in RememberMe feature (https://wiki.jasig.org/display/CASUM/Remember+Me) in some way (by setting the RememberBe property based on IP appropriately in the login screen and making the "long term/remember me" cookie the standard 8 hours), but I'm not sure if I'm reading it correctly or if it'd be a horribly inappropriate use of the feature that will lead to confusion down the line. Am I on the right track either way? Anyone implement a feature like this? Any thoughts in general? I'm trying to keep modifications/maintenance to a minimum if possible. Thanks in advance for any aid you can give, and just in case it's helpful, the version of CAS I'm working on is 3.4.7 and the backend ticket registry is planned to be Memcache (w/ Repcache patches) at this point, though subject to change if there's a compelling reason. Matt Elson -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
