Again. I'd appreciate an answer on this please. -----Original Message----- From: Keith Garry Boyce <ga...@consultsure.com> Sent: Saturday, January 17, 2009 8:07 AM To: 'Yale CAS mailing list' <cas@tp.its.yale.edu> Subject: RE: CAS without CAS login page using restful api and modifiedlogin-webflow.xml
Anyone? > _____________________________________________ > From: cas-boun...@tp.its.yale.edu > [mailto:cas-boun...@tp.its.yale.edu] On Behalf Of Keith Garry Boyce > Sent: Friday, January 16, 2009 9:53 AM > To: cas@tp.its.yale.edu > Subject: CAS without CAS login page using restful api and > modifiedlogin-webflow.xml > > I wanted to code a JSF application where the login page is a JSF page > rather than a CAS page. I see this as a use case that cannot be overlooked > in present day application development. > > I understand that it is discouraged to present credentials to an > application but an applications security model shouldn't have to be custom > for every security solution plugged in. > > In my case I'm using spring security as the mechanism to glue the security > stuff together. If I switch from plain security to CAS security it seems > that all documentation points to me doing custom things for the login page > such as iframe etc.. > > So here's what I've come up with. I'd appreciate feedback on this > solution: > > In login-webflow.xml I made it so if ticketGrantingTicketId is passed as a > parameter on the /cas/login URL then > Service cookie can be issued directly using the ticketGrantingTicketId. In > my case I get the ticketGrantingTicketId using the CAS restful api. > > <action-state id="initialFlowSetup"> > <action bean="initialFlowSetupAction" /> > <!-- garpinc replace --> > <!-- > <transition on="success" > to="ticketGrantingTicketExistsCheck" /> > --> > <!-- garpinc with --> > <transition on="success" > to="ticketGrantingTicketIdExistsCheck" /> > <!-- garpinc end replace --> > </action-state> > > <!-- added by garpinc --> > <decision-state id="ticketGrantingTicketIdExistsCheck"> > <if test="${requestParameters.ticketGrantingTicketId == > null}" then="ticketGrantingTicketExistsCheck" > else="populateFromRequestParams" /> > </decision-state> > > <action-state id="populateFromRequestParams"> > <set attribute="ticketGranti [The entire original message is not included] _______________________________________________ Yale CAS mailing list cas@tp.its.yale.edu http://tp.its.yale.edu/mailman/listinfo/cas