Emilian, It opens a vector for phishing, etc, putting your users at risk.
Ray On Thu, 2020-07-02 at 23:24 -0700, Emilian Mitocariu wrote: Ok, I'll take your answers into consideration. I agree adding new json entries isn't that hard as we won't have new services everyday, it's just that I was asked to look into this strategy among others. Also, I know having the serviceid like that is going to allow any application to authenticate against our CAS, but I didn't find it that risky as bad intended persons will still need some valid credentials to log into our CAS. Please correct me if I'm wrong. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | r...@uvic.ca<mailto:r...@uvic.ca> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/19d500a35174f015a62c83bf2dbcd6a0937a1108.camel%40uvic.ca.
