Proper use of phpCAS & application session
Michael Ströder
michael at stroeder.com
Wed Dec 3 17:42:58 EST 2008
Kim Cary wrote:
> Sorry for such an elementary question.
>
> For those of you using phpCAS (wonderful! thank you!) - is phpCAS
> maintaining state with the user?
>
> I don't want to tell our developers implement the simple example code
> on their web apps and find that every page makes a call back to the
> CAS server on each access.
CAS Login is made exactly once if your CAS-enabled application handles
the session properly.
> I would think that they need to set a cookie to maintain state/login,
> and if the app doesn't find it, send the user to the landing page for
> the app (which will kick them to CAS).
>
> However, on reviewing the examples again, I began to wonder if the
> phpCAS libraries were keeping user state for us.
Did you examine example_session_service.php of phpCAS?
Ciao, Michael.
More information about the cas
mailing list