[cas-dev] Remember Me login

Scott Battaglia scott.battaglia at gmail.com
Wed Dec 20 09:19:29 EST 2006 

I haven't had time to think about it fully yet, but we may need to modify
the CAS server to support this (choosing on of many expiration policies was
not in the original design.

You won't need a custom TicketGrantingTIcketImpl though, just a different
expiration policy (one with a longer length).

-Scott

On 12/12/06, March, Andres <amarch at soe.sony.com> wrote:
>
>  I'm implementing a Remember Me (Save Password) feature and want to make
> the cookie have a variable lifespan: browser session if they don't choose
> "Remember Me" or 3 months if they do.  However, my plan to substitute my own
> implementation for TicketGrantingTicketImpl is not possible because it is
> currently instantiated in a concrete fashion in the
> CentralAuthenticationServiceImpl rather than using a factory.  Any ideas?
>
>
>   ------------------------------
>
> *From:* cas-dev-bounces at tp.its.yale.edu [mailto:
> cas-dev-bounces at tp.its.yale.edu] *On Behalf Of *Scott Battaglia
> *Sent:* Friday, November 17, 2006 10:59 AM
> *To:* Mailing list for CAS developers
> *Subject:* Re: [cas-dev] Remember Me login
>
>
>
> Well TicketGrantingTickets themselves have a life-expectancy of whatever
> time you decide.  It can be short or long.  The key is making sure the
> cookie expiration time matches up with the TicketGrantingTicket expiration
> time.
>
> Cookies only store the TicketGrantingTicket identifier.
>
> -Scott
>
> On 11/17/06, *Alan D. Cabrera* < alan.cabrera at simulalabs.com> wrote:
>
> Does anyone have any thoughts on my comments?  Arnaud?
>
>
>
>
>
> Regards,
>
> Alan
>
>
>
> On Nov 15, 2006, at 12:13 PM, Alan D. Cabrera wrote:
>
>
>
>  Do I understand the code correctly when I say that you store the ticket
> in a cookie?  IIUC, won't the ticket expire after a short while?
>
>
>
>
>
> Regards,
>
> Alan
>
>
>
>
>
> On Nov 15, 2006, at 10:15 AM, Arnaud Lesueur wrote:
>
>
>
>  Hi,
>
>
>
> I have already open an issue in JIRA few months ago on this request and I
> also put my code as attachement. This
>
> available here : http://www.ja-sig.org/issues/browse/CAS-366
>
>
>
> If you think, this feature is usefull please vote for it !
>
>
>
>
>
> Arnaud Lesueur
>
>
>
> Le Mer 15 novembre 2006 18:47, Jack Tang a écrit :
>
>  Hi Alan
>
>
>
>
>
> Can you share the code with me? I am now hacking the some problem.
>
> Thank you very much.
>
>
>
>
>
> /Jack
>
>
>
>
>
> On 11/10/06, Alan D. Cabrera < alan.cabrera at simulalabs.com> wrote:
>
>
>
>
>
> On Nov 9, 2006, at 8:10 AM, Peter Havelaar wrote:
>
>
>
>
>
>  Alan D. Cabrera <alan.cabrera at ...> writes:
>
>
>
>
>
>
>
> We also wish to support "remember me".   What we plan on doing is
>
> hacking the
>
>  CASFilter so that we store an encrypted token in a cookie.  Its
>
> format will be:
>
>
>
> userid:expiration:salt
>
>
>
>
>
> If the CASFilter sees this cookie, it will refresh the session
>
> variables.
>
>
>
> We also intend to modify the CAS login code to include
>
> cas.remember URL
>
>  parameter which would instruct the filter to construct the token.
>
>
>
>
>
>
>
> That is great!
>
>
>
>
>
> When are these changes scheduled to be performed?
>
>
>
>
>
>
>
>
>
> Well, we're making these changes internally this week.   I am happy to
>
> submit the code back to the community.  Can anyone on the team comment?
>
>
>
>
>
> Regards,
>
> Alan
>
>
>
>
>
>
>
> Alan D. Cabrera
>
> VP Engineering
>
> Simula Labs - The Open Source Venture Partners
>
> p: +1 510 225 5588 f: +1 800 822 0471
>
> alan at simulalabs.com www.simulalabs.com
>
>
>
>
>
>
>
>
>
>  _______________________________________________
>
> cas-dev mailing list cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
>
> cas-dev mailing list
>
> cas-dev at tp.its.yale.edu
>
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
> Alan D. Cabrera
>
> VP Engineering
>
> Simula Labs - The Open Source Venture Partners
>
> p: +1 510 225 5588 f: +1 800 822 0471
>
> alan at simulalabs.com
>
> www.simulalabs.com
>
>
>
>
>
> _______________________________________________
>
> cas-dev mailing list
>
> cas-dev at tp.its.yale.edu
>
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
> Alan D. Cabrera
>
> VP Engineering
>
> Simula Labs - The Open Source Venture Partners
>
> p: +1 510 225 5588 f: +1 800 822 0471
>
> alan at simulalabs.com
>
> www.simulalabs.com
>
>
>
>
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20061220/cb856ac1/attachment-0001.html

More information about the cas-dev mailing list