> renew=true login parameter but that seems to request a complete new > authentication rather than requiring a user to "prove" their currently > logged on account.
Authentication is by definition proving identity. Not sure how else you would prove it with any level of confidence other than reauthentication. The CAS protocol renew parameter is an implementation of the more general concept of forced authentication, which is generally used to satisfy needs like those you mentioned. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
