Logically, this is possible, and CAS supports it. CAS supports the notion of Non-Interactive Login, which means it can obtain something from the request and authenticate it without prompting the user for credentials.
So you would need to implement some form of Non-Interactive Login Action (we have an abstract class to help) and plug that into the web flow. You would then need an AuthenticationHandler and a CredentialsToPrincipalResolver to process these new credentials.
As for what that new credential should be...it could be something as simple a (secure) random string being passed to CAS with a corresponding key/value pair in a database that equates the random string to a user id and then your AuthenticationHandler and CredentialsToPrincipalResolver could retrieve the values from the database. That's just a simple naive example. There may be more robust ways to do this.
The SPNEGO code is a good example of non-interactive login though (as are some other examples in our CVS).
-Scott
On 10/19/06, Arnaud Lesueur
<[EMAIL PROTECTED]> wrote:
Le Jeu 19 octobre 2006 03:17, Peter Giesin a écrit :
> I am using CAS 3.0.5 as our login service. I have a requirement that
> after registration, that the user be automatically logged into the system. I know that this goes against the standard
> CAS protocol. I
> was wondering if anyone has came up with a solution to a similar requirement.
>
> Thanks,
> Pete
This might be done with the SPNEGO Handler. Have a look in the CVS.
Arnaud Lesueur
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
