We are trying to lock down use of our CAS server, even down to the folder level.
So for instance if I hit http://hostname.edu/index.jsp and it is defined in services management with that URL. I do not want CAS to allow anyone to go to http://hostname.edu/folder/index.jsp. Well when I hit the first link, login successfully, I am then able to browse to the second URL successfully. I am wanting to keep that folder out of being able to use the CAS ticket. I know in the URL definitions are using Ant style pattern matching. But upon testing I have found this to be a slight problem as we are wanting to be able lock down to the folder level. Would this be up to the client, or is this something I can solve server side? Thanks, Jeremy Wickham Senior Programmer Analyst Enterprise Information Systems [email protected] (662) 325-9173 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
