Which CAS client are you using? The validation filters in the Java CAS client have a "useSession" parameter. If you set it to "false", then the access will not create a session and you will need to get a ticket for each access. If you combine that with renew set to "true" and redirectAfterValidation to "false", then you will have to reauthenticate for each URI access. From: https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+the+web.xml
redirectAfterValidation (default: true) - whether to redirect to the
same URL
after ticket validation, but without the ticket in the parameter.
useSession (default: true) - whether to store the Assertion in session
or
not. If sessions are not used, tickets will be required for each request.
renew (default: false) - specifies whether renew=true should be sent to
the
CAS server. Valid values are either "true" or "false."
You say that you want to reauthenticate for every "web page", note every url,
so I can't tell if this is exactly what you want, since a "web page" may load
other URL's depending on whats on the page.
David Ohsie
Software Architect
EMC Corporation
-----Original Message-----
From: Pratap K M [mailto:[email protected]]
Sent: Thursday, February 21, 2013 8:01 AM
To: [email protected]
Subject: re:[cas-user] Repeated Authentication for application
But we want to re-authentication each time while accessing a web page.
regards
Pratap K M
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
smime.p7s
Description: S/MIME cryptographic signature
