Hi, What would be the expected behaviour when the user is already authenticated and requested to login again ? Do you want the login page to have the username already fixed by the previous authentication and only the password can be edited ? Because I'm pretty sure that this can be easily achieved with a customization. Best regards, Jérôme
2013/8/21 <[email protected]> > Thank you very much for the responses. I suspect I didn't explain myself > very well. The idea is that the user logs onto the web application with a > username and password through cas. They are then free to use the system. If > they attempt to click the "edit my profile" link they are then asked to > provide their password again before they can see that screen - to mitigate > against a user leaving their browser logged in, walking away and someone > sitting down and changing their details. Similar to the way Amazon deals > with editing a profile. > > I have tried to redirect to login with renew=true when the profile page is > requested and indeed authentication is requested but at that point any > valid account seems to work as it is requesting fresh credentials. I am > really only after them entering the password for the logged in account at > that point. > > Any ideas ? > > Thanks for any help. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
