Hi, You were talking about authentication handlers. Is it possible to retrieve the service host/ip via that authentication handler? Because if you implement AuthenticationHandler you could get only the Credentials.
Thanks, Ray ----- Reply message ----- From: "Jérôme LELEU" <[email protected]> To: "[email protected]" <[email protected]> Subject: [cas-user] CAS Automatic Login... best practices Date: Sat, Dec 28, 2013 09:53 Hi, OK. You don't need an auto login process here (as you don't have the user's password, which is a good thing), but as I also suggested, you need an authentication handler taking a username and a OTP (one-time password) = an authentication code, to authenticate a user. I would got that way. So you would have two authentication handlers, one processing user's login and password and one processing a username and an authentication code (which can be used only once). Best regards, Jérôme 2013/12/27 Joe <[email protected]<mailto:[email protected]>> Sorry, rereading what I want to do, I can see now, how it's a bit misleading. So (on the application server side) I have authenticated the user via an authentication code, and have created the account. CAS has not yet authenticated the user. I want to tell CAS that the current user and session is authenticated without passing the password back over the public wire .(The application server might pass the user/password to CAS). I can think of a few ways to do this, but is there a recommended way? -Joe -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
