Service Restriction by Domain?
Flaxxed
ryan.andreasen at gmail.com
Mon Aug 11 10:46:28 EDT 2008
Thanks so much for your posts Dale and Scott! I hadn't been able to actually
play with configuring the services management so I am glad to hear that it
can do more than I thought it could. It sounds like it can do what we need
it to do. I will play with it and get it running based on domains. Thanks!
dale77 wrote:
>
> We use the services management app. When using it a service will not be
> authorized unless a match is found in the list of service url definitions,
> which take this form:
>
> Service 1: Allow all hosts and urls from domain1.com:
> http://*.domain1.com/**
> Service 2: Allow only a single url: http://www.domain2.net/allowed/logon
> etc...
>
> Using the service management app also opens up the possiblity to theme the
> CAS login pages based on service, as each service entry has a theme
> attribute.
>
> Dale
>
>
> Flaxxed wrote:
>>
>> My organization is currently deciding on how to restrict which services
>> are allowed to use CAS. I know that there is the serviceRegistryDao that
>> is designed for this purpose and then the service manager CAS application
>> to help you manage this. I have told my organization about this and
>> someone asked if CAS could allow or deny a service based on its domain in
>> the service paramter to /login, /validate, etc.
>>
>> Has anyone ever thought of this or does anyone have any ideas on this
>> method? My vote would be to use what is already in CAS, the less
>> modifications the better, but I am tasked at evaluating both methods.
>>
>> I appreciate any thoughts on the matter. Thanks!
>>
>
>
--
View this message in context: http://www.nabble.com/Service-Restriction-by-Domain--tp18900119p18927225.html
Sent from the CAS Users mailing list archive at Nabble.com.
More information about the cas
mailing list