On Mon, 9 Jan 2012, Nestor Urquiza wrote:
Hi guys,
I have integrated a couple of Spring applications with CAS which I
have documented in
http://thinkinginsoftware.blogspot.com/2012/01/sso-with-ldap-spring-and-cas.html
I believe I should avoid accepting service parameter blindly. Instead
I want to make sure I only allow certain applications to use CAS which
basically means I should be able to maintain a list of URLs and find
out if the provided service parameter exists in such a list. If it
does not exist I should not redirect to it upon successful login or
even better I should not even present the form at all and instead an
error message.
Is such functionality already available? If not where should I implement it?
Thanks in advance,
-Nestor Urquiza
CAS has this functionality built-in - the Services Management page. Get
started here:
https://wiki.jasig.org/display/CASUM/Services+Management
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
