That sounds like exactly what I want, I was hoping there was a native mechanism to support that and initially wondered if renew was it but I guess not.
On Thursday, August 22, 2013 7:26:15 AM UTC+1, Jérôme LELEU wrote: > > Hi, > > What would be the expected behaviour when the user is already > authenticated and requested to login again ? > Do you want the login page to have the username already fixed by the > previous authentication and only the password can be edited ? Because I'm > pretty sure that this can be easily achieved with a customization. > Best regards, > Jérôme > > > > > 2013/8/21 <[email protected] <javascript:>> > >> Thank you very much for the responses. I suspect I didn't explain myself >> very well. The idea is that the user logs onto the web application with a >> username and password through cas. They are then free to use the system. If >> they attempt to click the "edit my profile" link they are then asked to >> provide their password again before they can see that screen - to mitigate >> against a user leaving their browser logged in, walking away and someone >> sitting down and changing their details. Similar to the way Amazon deals >> with editing a profile. >> >> I have tried to redirect to login with renew=true when the profile page >> is requested and indeed authentication is requested but at that point any >> valid account seems to work as it is requesting fresh credentials. I am >> really only after them entering the password for the logged in account at >> that point. >> >> Any ideas ? >> >> Thanks for any help. >> -- >> You are currently subscribed to [email protected] <javascript:>as: >> [email protected] <javascript:> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] <javascript:> as: > [email protected] <javascript:> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
