Any thoughts, Scott/Andrew?
----- Original Message ----
From: webzo <[EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Thursday, April 5, 2007 10:17:13 AM
Subject: Re: Questions about manual login process..
Hmm, check the session for what? Is there a way to check if the session is
still valid? If there is, then my logic would become-
Check if session is valid
if valid
display page
else
redirect to CAS login with renew=TRUE
Get ticket parameter
validate ticket
if user is authenticated
display page
else
redirect to CAS again with
renew=TRUE
Thanks.
----- Original Message ----
From: Scott Battaglia <[EMAIL PROTECTED]>
To: Yale CAS mailing list <[email protected]>
Sent: Wednesday, April 4, 2007 7:54:17 PM
Subject: Re: Questions about manual login process..
Is there a reason you're not checking the session at all?
-Scott
On 3/29/07, webzo <[EMAIL PROTECTED]
> wrote:
I may need to add manual login to my webapp (meaning, not use the web.xml
method or jsp tag library). Just to be sure that I am covering all bases, I
have described the logic I have used below. Can someone confirm that it sounds
ok?
Say there are 2 pages, Page1 and Page2. There is a link to Page2 from Page1.
Basically, I want to make sure that whether the user goes to Page2 via Page1 or
directly, he is always going to be authenticated. So, here is the logic that
EVERY page executes-
Get ticket parameter
if ticket is null
redirect to CAS login with renew=FALSE
Get ticket parameter
validate ticket
if user is authenticated
display page
else
redirect to CAS with
renew=TRUE
I am mostly concerned about passing renew=FALSE the first time because that
makes CAS reuse a previous SSO session. I think I need to do this because if
the user gets to Page2 from Page1, then ticket will be null. But I should not
require the user to sign in again because he just did to enter Page1.
If there is no ticket and I redirect to CAS with renew=false, I will be
REQUIRED to login- is that a correct statement?
Thanks for your time.
Need Mail bonding?
Go to the
Yahoo! Mail Q&A for
great tips from Yahoo! Answers users.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
Don't get soaked. Take a quick peek at the forecast
with theYahoo! Search weather
shortcut._______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
____________________________________________________________________________________
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
http://tv.yahoo.com/_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
