Authenticate user after registration (without login)
Scott Battaglia
scott.battaglia at gmail.com
Mon Sep 29 09:40:35 EDT 2008
Arthur,
We actually see this come up every so often. Our recommendation has always
been that the application that does the user registration should generate a
sufficiently long random identifier and store it in a database in
combination with the username and an expiration date. The application
should then pass that identifier to the CAS login page.
CAS should be configured to read the token and construct a credentials
object from it. A combination of authentication handler/
credentialstoprincipal resolver would be able to read from the DB, see the
username, and remove the token.
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Mon, Sep 29, 2008 at 4:47 AM, Arthur Erdös <ae at brainguide.com> wrote:
> Hello all,
>
> is it possible to automatically authenticate an user at CAS after he
> submitted a registration form? I don't want the user to authenticate
> himself again, if he just registered...
>
> Kind regards,
> Arthur
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080929/71f2d035/attachment.html
More information about the cas
mailing list