Marvin,
> the default UI should be focused on
> authentication, not communicating to deployers.
I disagree thoroughly. The default login UI should be focused on
communicating to and enabling the success of CAS deployers, not
communicating with end users.
This would poison the user experience for 0% of users since all adopters
customize the login screen. Rather, this would hone the experience for
100% of the real audience of that page as shipped in the CAS server
release (the deployers). In fact, I'll suggest going further to make
the default login.jsp more "meta", perhaps adding notes/placeholders for
the sorts of things most adopters will want to add to that page, like
messaging about whom to contact if you don't have an account / forgot
your password / need technical support.
Looks like VT has a locally customized login jsp, well-managed in SVN:
https://svn.middleware.vt.edu/svn/middleware/cas/cas-server/trunk/vt-cas-server-webapp/src/main/webapp/WEB-INF/view/jsp/vt/ui/casLoginView.jsp
doubtless many adopters are managing this less rigorously, but I doubt
anyone isn't modifying that page.
Does *anyone* out there have an unmodified login jsp such that having to
remove this messaging adds additional local modification maintenance
burden? I'm often wrong, feel free to speak up and show me wrong now. :)
Andrew
On 06/21/2011 11:25 AM, Marvin Addison wrote:
Maybe the default ootb CAS login JSP should include a user-facing note to
this effect of reminding folks trying out CAS that the SSO capability won't
work without https (but basic login to one immediate webapp will)?
I'm ambivalent about this. I understand the reasoning: it's a vitally
important point that deployers should understand and placing it in
their face on the login screen will make it unavoidable. However,
you're poisoning the user experience for 99.9% of users when the
intended audience is the handful of deployers responsible for the
application.
I'd like to consider other ways to communicate this information.
While it's easy enough to remove, the default UI should be focused on
authentication, not communicating to deployers.
M
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user