Redirect to Service with POST
Scott Battaglia
scott.battaglia at gmail.com
Tue Feb 6 09:11:58 EST 2007
Hi,
1. None of the CAS clients currently save POST parameters (though I did
just log a JIRA issue for it for the Java client).
2. HTTP redirects have to be GET according to the specification. Any POST
redirects must use JavaScript (which is annoying)
3. I have logged a JIRA issue for this for the Java client. Currently that
is the only one implemented by JA-SIG. Though we will have a JA-SIG PL/SQL
client soon.
-Scott
On 2/6/07, Paul Harrison <pharriso at eso.org> wrote:
>
> Hi,
>
> I have several questions on this topic ;-) http://tp.its.yale.edu/
> pipermail/cas/2006-July/003030.html
>
> I have looked at the patch http://www.ja-sig.org/issues/browse/
> CAS-355 that adds some POST functionality to CAS and am wondering
>
> 1. does this solution actually work for the case where the
> originating request that causes the authentication is itself a POST -
> i.e. are all of the original POST variables resent to the target
> service?
>
> 2. Are the aims of point 1 achievable anyway on the CASE server side
> without resorting to Javascript in responses? I am guessing not as
> HTTP redirects always need to be a GET as per the protocol
> specification.
>
> 3. Has anyone given any thought to writing a CAS client that can
> intercept POST requests, remember the variables and then rePOST when
> the corresponding redirected GET is received from the CAS server?
>
> Paul.
>
> Paul Harrison
> ESO Garching
> www.eso.org
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070206/44aab2ea/attachment.html
More information about the cas
mailing list