Hi, I remember we had this discussion with Michaël at work. He proposed to have a GatewayResolver which lasts some time but the contribution has not been done so far.
Any input Michaël on this? Thanks. Best regards, Jérôme LELEU Founder of CAS in the cloud: www.casinthecloud.com | Twitter: @leleuj Chairman of CAS: www.jasig.org/cas | Creator of pac4j: www.pac4j.org 2014-12-10 16:04 GMT+01:00 Scott Battaglia <[email protected]>: > Depending on the client, you can alter the behavior. The Java client > supports providing a custom implementation of the GatewayResolver so you > could store the result of the gateway request per session (or some other > method) to reduce the number of round trips. > > On Tue, Dec 9, 2014 at 3:47 PM, Misagh Moayyed <[email protected]> > wrote: > >> > If that's not the design intent, what might the proper use of gateway in >> > this context be? Maybe check once, mark locally as "unauth" if not >> > authenticated and not hit the server again until the user explicitly >> > clicks a Login URL? >> >> Yes. A guest view that renders relevant content to an unauthenticated >> user. Also might come in handy if you authenticate via CAS without a >> target service to only then land on a portal-like page that spawns links >> to various apps. >> >> > -----Original Message----- >> > From: Tom Poage [mailto:[email protected]] >> > Sent: Tuesday, December 9, 2014 9:50 AM >> > To: [email protected] >> > Subject: [cas-user] gateway mode >> > >> > Looking for opinion/experience/knowledge: >> > >> > Is it common for a web app using gateway mode to hit the CAS server on >> > every click of a CAS-protected site when the user has no CAS session? >> > >> > This seems a waste of CAS server resources to keep checking just in case >> > the user authenticated through some other channel, especially very busy >> > sites (we have one of these). >> > >> > If that's not the design intent, what might the proper use of gateway in >> > this context be? Maybe check once, mark locally as "unauth" if not >> > authenticated and not hit the server again until the user explicitly >> > clicks a Login URL? >> > >> > Thanks. >> > Tom. >> > -- >> > You are currently subscribed to [email protected] as: >> > [email protected] To unsubscribe, change settings or access archives, >> > see http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
