Amjad, That's an interesting point, and may be a use case for a CAS filter configuration that requires a proxy chain rather than allowing one and also servicing direct STs. I'll write that down as something to follow up on in ClearPass maintenance.
That said, don't let the Adversary use your browser session while you're logged in to CAS. :) Kind regards, Andrew On Mon, Oct 29, 2012 at 11:41 PM, Amjad Al-Saraireh <[email protected]>wrote: > Then how can I protect my password, suppose that any one access the > clearpas from my browser he will see it. > how can I hide it. > > Amjad > > ------------------------------ > From: [email protected] > To: [email protected] > Subject: RE: [cas-user] Turn on ClearPass on 3.5 > Date: Mon, 29 Oct 2012 17:01:12 -0700 > > What you see is the appropriate correct response. The view is just > rendering the xml for you. If you see the password on screen, clearpass is > correctly turned on. > > > > *-*Misagh* > > * > > > > *From:* Amjad Al-Saraireh [mailto:[email protected]] > *Sent:* Monday, October 29, 2012 7:43 AM > *To:* [email protected] > *Subject:* [cas-user] Turn on ClearPass on 3.5 > > > > Hi every one, > > Did some body try to enable ClearPass on 3.5. > We enable it but when we try to access clearPass URL he redirect me to cas > login page. > Also when we logged in to CAS and try to access clearPass URL we see the > actual password not the following code. > > > <cas:clearPassResponse xmlns:cas='http://www.yale.edu/tp/cas'> > > <cas:clearPassSuccess> > > <cas:credentials>actual_password</cas:credentials> > > </cas:clearPassSuccess> > > </cas:clearPassResponse> > > > I folow all the instruction on clearpass Wiki > https://wiki.jasig.org/display/CASUM/ClearPass > > Any body have the same issue or he can guide me. > > > > Thanks in Advance > > Amjad > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
