distinguish between new authentication and existing auth

Scott Battaglia scott.battaglia at gmail.com
Sun Mar 18 18:32:31 EDT 2007 

Based on what you need, it seems like modifying the XML response and
including the isFromInitialSignOn status would be your best option. You can
then query for that value and work from there.

-Scott

On 3/15/07, Carlos.Fernandez at usitc.gov <Carlos.Fernandez at usitc.gov> wrote:
>
>  Scott,
>
> Thanks for the fast response!
>
> -->  enforcing the renew=true
>
> It is my understanding that by doing this, the application opts out of
> SSO.  We need the user to move from application to application pretty
> seamlessly.
>
> --> If you just want to know for informational purposes
>
> I need to treat "new authentications" differently.  I should probably ask
> about my need instead of my proposed solution . . . putting the cart before
> the horse.
>
> I have finished wrapping a few applications that originally had their own
> authentication solutions with CAS (using acegi for integration on the web
> app).  Originally, there were certain conditions where the user would see
> warning messages after a successful authentication.  Such as, "your login
> will expire in 7 days" etc.  They would see this on the page they were
> redirected to after a successful login.
>
> I am not entirely sure how to do this in our new CAS centric world.  Since
> these are just warning messages, I want people to be redirected after
> successful authentication to the original application URI that forced
> authentication in the first place.  At this point, and only this point, I
> want to display the warning message.
>
> This should only occur once, after the users initial authentication
> request.  This should not occur when an authenticated user cross application
> borders.
>
> -->  you would have to modify the JSPs that create the response to include
> an additional XML attribute that specifies whether renew=true. You'd have to
> modify the client to understand this.
>
> Based on the use case I described above . . . do you think is still the
> best course of action?
>
> Thanks!
>
> Carlos
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>


-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070318/df9240df/attachment.html

More information about the cas mailing list