Hi,

1.  None of the CAS clients currently save POST parameters (though I did
just log a JIRA issue for it for the Java client).

2.  HTTP redirects have to be GET according to the specification.  Any POST
redirects must use JavaScript (which is annoying)

3. I have logged a JIRA issue for this for the Java client.  Currently that
is the only one implemented by JA-SIG.  Though we will have a JA-SIG PL/SQL
client soon.

-Scott

On 2/6/07, Paul Harrison <[EMAIL PROTECTED]> wrote:

Hi,

I have several questions on this topic ;-) http://tp.its.yale.edu/
pipermail/cas/2006-July/003030.html

I have looked at the patch http://www.ja-sig.org/issues/browse/
CAS-355 that adds some POST functionality to CAS and am wondering

1. does this solution actually work for the case where the
originating request that causes the authentication is itself a POST -
i.e. are all of the original POST variables resent to the target
service?

2. Are the aims of point 1 achievable anyway on the CASE server side
without resorting to Javascript in responses? I am guessing not as
HTTP redirects  always need to be a GET as per the protocol
specification.

3. Has anyone given any thought to writing a CAS client that can
intercept POST requests, remember the variables and then rePOST when
the corresponding redirected GET is received from the CAS server?

Paul.

Paul Harrison
ESO Garching
www.eso.org

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to