Giuseppe Sollazzo skrev 09. mars 2010 10:43:
Eirik Schwenke wrote:
(...)
I guess the reason why you'd want this is because you've given up on
single sign on, and use CAS simply as a way to synchronize login names
and passwords across several servers. I guess this is fine -- it's
just a bit different from what CAS really is intended to do.
No, actually what I've been requested to do is to implement just a
single Sign On to be a single entry point for all our webapps. The idea
is that SSout is "automatic" when someone disconnects from the corporate
network, whereas SSon can be performed by any of the webapps (different
users initiate their sessions in different ways).
If so -- why don't you just hide the log-out function from the trac gui?
As far as I can tell changing the logout-url in the cas-plugin (as Noah
suggested) would lead to a situation where the user might *think*
they're logged out -- but if a CAS session is still active, they're
still *actually* considered logged in by trac? I might be wrong about
how the plugin interacts with trac sessions, but that's how I interpret
the code.
IMNHO it's worse to let users *think* they're logged out when they're
not, than to simply hide the logout functionality (or change the logout
link to a link to the CAS server logout page).
Best regards,
--
.---. Eirik Schwenke <eirik.schwe...@nsd.uib.no>
( NSD ) Harald HÃ¥rfagresgate 29 Rom 150
'---' N-5007 Bergen tlf: (555) 889 13
GPG-key at pgp.mit.edu Id 0x8AA3392C
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to trac-us...@googlegroups.com.
To unsubscribe from this group, send email to
trac-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en.
