Happy new year everyone! I hope you all had a restful break. I have a few questions regarding functionality in CAS 3.1. I had previously investigated CAS 3.0 + acegi and found certain pieces missing that I ended up extending in my proof of concept. I was wondering with the new CAS 3.1release, if any of these are addressed.
If any of these don't make sense, or are workable in a different way, please feel free to point out my ignorance. :) 1) Service dependent TGT expiration Scenario: - User attempts to access serviceone and is redirected to CAS for authentication - User logs into CAS and is redirected back to serviceone - User accesses serviceone continuously until TGT is expired (value in grantingTicketExpirationPolicy bean in applicationContext.xml) - User attempts to access servicetwo, however due to the fact that their TGT is expired, is redirected back to CAS for re-authentication. To the user, this would be confusing since they were already logged in and were accessing serviceone. To deal with this scenario, there would need to be some sort of call back mechanism from each service's page request to the CAS webapp. Is there such a call back in CAS 3.1? 2) Username available in the CAS webapp For logging purposes, I'd like access to the username of a previously authenticated user in the CAS application. So that when a user attempts to access servicetwo with a valid TGT, i can put that username in my access log. 3) The TGT id that was used to validate user is available in each service Again for logging purposes, I'd like access to the TGT id, this time in each service webapp. This way I can keep track of a users session across webapps. 4) Force change password screen I'd like a mechanism for forcing the user to change their password. Previously, I extended acegi User with that information, and checked that in each service web container. This is not appropriate as the service container shouldn't care about password expiration. What I would prefer is to allow the user to log on and create a TGT, but not allow any service tickets to be created. This may have been possible with CAS 3.0, but I just didn't look into it. Is it possible? Thanks for your help! -rg
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
