I recently encountered a similar use case and I think this is a good and useful improvement. If you could, please create a JIRA issue and we'll try to address it at some point. I think both cases you mention have merit and can be implemented.
In the meanwhile, you could possibly get around the authz page by modifying the JSP page to auto-submit and accept? > -----Original Message----- > From: Steven Gregory [mailto:sgreg...@iplantcollaborative.org] > Sent: Tuesday, June 24, 2014 10:23 AM > To: cas-dev@lists.jasig.org > Subject: [cas-dev] [OAuth] Overriding, or saving the result of, the > 'authorize' page > > Hello, > > I recently upgraded to CAS 4.0 with OAuth server support, hoping that it > would > either perma-save the result, or have the option to do away with the pesky > message: > > Authorization > Do you want to grant access to your complete profile to <App name>? > [Authorize] > > In my case both of the services are trusted, and it could be confusing for > our users > to have to authorize between the two services, when they are both required > for > full functionality of the app. As well, there is no 'Deny' button on the > page, so its a > bit of an awkward user experience.. > > So my question is, > > Is there some way to modify the configuration to either: > 1. Remove the 'authorize' page for a specific client (Or all clients) OR > 2. Save the > result of the 'authorize' request for a specific user and don't ask the > user to > authorize again? > > Thanks in advance if anyone can shed some light on this topic.. > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > mmoay...@unicon.net > To unsubscribe, change settings or access archives, see http://www.ja- > sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
