Are you basically saying that right now your CAS server is "open" and you're wanting to lock it down to a specific list? If so, I just went through the process on our CAS 4.0.1 server a few weeks ago, so it's still pretty fresh in my mind (and notes ;) )
>>> Frank Van Damme <[email protected]> 03/26/15 10:30 AM >>> Hi list, we are running cas 3.5.2 here, and the list of services that require to authenticate on it is growing. Before we loose track and/or control of it, I would like to know how to restrict authentication to a limited number of services; for exampel by only issuing a http redirect to a limited list of URL's. I am also worried that a third party will try to authenticate on my CAS server(s) in an attempt to guess the identity of a user who might at that time be logged in to CAS. Where do I start reading? :-) -- Frank Van Damme Make everything as simple as possible, but not simpler. - Albert Einstein -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
