Hi, We currently have a web application protected with CAS and have a new requirement to request re-authentication (or at least the users password) when a logged on user accesses a higher security area of the site. Is there a standard mechanism/pattern for achieving this - I came across the renew=true login parameter but that seems to request a complete new authentication rather than requiring a user to "prove" their currently logged on account.
Cheers. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
