Hi guys, I have integrated a couple of Spring applications with CAS which I have documented in http://thinkinginsoftware.blogspot.com/2012/01/sso-with-ldap-spring-and-cas.html
I believe I should avoid accepting service parameter blindly. Instead I want to make sure I only allow certain applications to use CAS which basically means I should be able to maintain a list of URLs and find out if the provided service parameter exists in such a list. If it does not exist I should not redirect to it upon successful login or even better I should not even present the form at all and instead an error message. Is such functionality already available? If not where should I implement it? Thanks in advance, -Nestor Urquiza -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
