All,I have submitted this patch on behalf of a client. Personally, I don't have much time to contribute further to this patch. You all have worked with CAS much longer than I, so you can decide the best course of action.
With that said, I would like to point out that very few applications require this patch. AFAIK, they only come from one vendor. :-) I implemented this patch with Andrew's guidance, and I think that it is elegant, and it solves this particular problem quite well. While I would welcome further contributions to this solution, anyone contemplating such contributions would have to come up with time to do it and justify the commitment of time to his or her manager. ;-)
Adam Scott Battaglia wrote:
Andrew,I don't think we've evaluated this solution enough to determine whether it should be in CVS or not.The solution in the patch exposes a different login endpoint for authentication, which I'm not convinced is the best solution. It appears there are three ways to handle this scenario:1. Expose a different URL endpoint with a different flow for handling the POST scenario 2. Expose a request parameter such as returnMethod (defaults to GET) which would cause the web flow to choose either a normal redirect or a JavaScript POST. 3. Add post capabilities on the client applicaion side (either as part of the CAS client or inform people to handle it locally in their application)[there may be other scenarios, these are just the ones I thought of off the top of my head]Each scenario has its strengths and weaknesses. Until we've evaluated the best method for handling this I'd rather not commit anything into CVS at this point. Anything committed to CVS would need to be supported in the future, regardless of whether we found a better solution or not.-Scott Andrew Petro wrote:Jeff,I appreciate your positive attitude, but I think it would be best if we got this patch into CAS source control and kept it up to date and as no-heroics-required as possible. In that vein, where would be appropriate for this to go into CVS, Scott? Should CAS ship this example? Stick it under a contrib directory? Andrew-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey M Goodwin Sent: Monday, July 10, 2006 7:49 AM To: Yale CAS mailing list Subject: RE: Redirect to Service with POST Hi Scott, I agree. I am in the process of doing so right now. I am just so new to both CAS and spring's web flow api it is taking a bit longer than I had hoped. Oh well, I guess it is a good introduction to both technologies. Thanks, Jeff_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
begin:vcard fn:Adam Rybicki n:Rybicki;Adam org:Unicon, Inc.;Professional Services adr:Suite 113;;3140 North Arizona Avenue;Chandler;AZ;85225;United States email;internet:[EMAIL PROTECTED] tel;work:+1-480-558-2400 tel;home:+1-310-265-8286 tel;cell:+1-310-980-2758 x-mozilla-html:FALSE url:http://www.unicon.net/consulting_572.html version:2.1 end:vcard
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
