We currently are using CAS and Spring Security to secure several applications and have been asked by our customer to investigate how we can support revoking a users access and having that take effect immediately. Is there a way to do this in CAS? My first thought was to add a SAML Ticket Validator and a custom SAML Attribute Repository which would have the most up to date roles/access controls. Is this appropriate? Is there a better way to handle this?
-- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
