> Can you please give me a starting point which can help me understand how to > design the whole flow and integrate with CAS.
A pointer is all we could provide because we ourselves do not know or cannot agree on what some of the vital workflows should be. You'll need to consider the following: - Login webflow - Custom AuthenticationManager that handles pass/fail of individual authentication handlers (password, OTP) - Means of communicating authentication method to services - User experience The last point is by far the hardest. For example, what happens when a user shows up to a service that demands a stronger authentication method than they used to start their SSO session? A good UX would provide a graceful means to provide additional credentials to upgrade their LOA and transparently re-route the user to the originally-requested resource such that he or she can now access it. Good luck. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
