Hi Marc, I think the easiest way should be to port your code to a custom TicketGrantingticket again; especially if you have business rules inside. Another idea could to be play with the service management interface which can return attributes depending on the service requested and have to global filter (on apache https for example) which could deny access if it doesn't see some attributes.
This is my little contribution to your question. Best regards, Alex ESSEC Business School 2011/11/24 marcp <[email protected]> > hi all, > > i know that CAS is about authentication but we have a not so uncommon need > where we have to (pre)check on authentication if user is authorized to > acces > to an application. > > Actually we have a pretty old version of CAS which is customized to deny > any > access to an unauthorized application but i would like to upgrade our CAS > VERSION and i don't know how to keep this behaviour with the new versions. > > My idea is to refuse to grant the service ticket so the user is however > authenticated and can access to another app but i don't know how to do > that. > > Should i reimplement my own TicketGrantingticket to modifiy the > grantServiceTicket Method ? but this method doesn't seems to throw any > TicketCreation exception... > > any idea ? > > thanks for help and plz forgive my bad english... > > regards, > marc > > > -- > View this message in context: > http://jasig.275507.n4.nabble.com/SSO-and-habilitation-tp4103957p4103957.html > Sent from the CAS Developers mailing list archive at Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
