That sounds like exactly what I want, I was hoping there was a native 
mechanism to support that and initially wondered if renew was it but I 
guess not.

On Thursday, August 22, 2013 7:26:15 AM UTC+1, Jérôme LELEU wrote:
>
> Hi,
>
> What would be the expected behaviour when the user is already 
> authenticated and requested to login again ?
> Do you want the login page to have the username already fixed by the 
> previous authentication and only the password can be edited ? Because I'm 
> pretty sure that this can be easily achieved with a customization.
> Best regards,
> Jérôme
>
>
>
>
> 2013/8/21 <[email protected] <javascript:>>
>
>> Thank you very much for the responses. I suspect I didn't explain myself 
>> very well. The idea is that the user logs onto the web application with a 
>> username and password through cas. They are then free to use the system. If 
>> they attempt to click the "edit my profile" link they are then asked to 
>> provide their password again before they can see that screen - to mitigate 
>> against a user leaving their browser logged in, walking away and someone 
>> sitting down and changing their details. Similar to the way Amazon deals 
>> with editing a profile.
>>
>> I have tried to redirect to login with renew=true when the profile page 
>> is requested and indeed authentication is requested but at that point any 
>> valid account seems to work as it is requesting fresh credentials. I am 
>> really only after them entering the password for the logged in account at 
>> that point.
>>
>> Any ideas ?
>>
>> Thanks for any help.
>> --
>> You are currently subscribed to [email protected] <javascript:>as: 
>> [email protected] <javascript:>
>> To unsubscribe, change settings or access archives, see 
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> -- 
> You are currently subscribed to [email protected] <javascript:> as: 
> [email protected] <javascript:>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to