[cas-dev] Unauthorized Service Handling
Scott Battaglia
scott.battaglia at gmail.com
Thu Aug 23 12:23:58 EDT 2007
Marvin,
Sounds good. Either way the scenario in which an unauthorized service
attempts to validate a ticket should not really occur as they should never
receive a ticket (if configured correctly). They should be prevented from
logging in if the service is unauthorized.
-Scott
On 8/16/07, Marvin S. Addison <serac at exchange.vt.edu> wrote:
>
> > CAS 3.1 returns a server 500 error. I've added a JIRA issue to return
> > that as the XML response (even though we're not officially adding
> > another error code to the specification).
>
> http://www.ja-sig.org/issues/browse/CAS-549 -- Thanks.
>
> > We won't add that to the CAS 3.0.7 server because service
> > authorization is not explicitly supported in CAS 3.0.x (the code is an
> > example of a possible way of doing it) [though if anyone supplied a
> > patch we would consider a 3.0.8 release to update the example code]
>
> In an attempt to take you up on the hint, I started work on this today.
> After a fair amount of work, I don't think there's a good (general)
> solution using the existing classes that extend MethodBeforeAdvice. The
> whole point of before advice is to generalize the conditions on which a
> method can be called. To solve the problem at hand, however, we would
> need specific information on the calling method to throw the right
> exception. So we would need to assume some things about configuration
> in the code -- don't want to go there.
>
> I can imagine solutions where we rework the advice, but seems like a lot
> of work for a relatively small problem. I'm inclined to leave as is,
> unless someone has a relatively simple, general solution.
>
> M
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20070823/c7803e9c/attachment.html
More information about the cas-dev
mailing list