Ticket #530 (closed clarification: wontfix)

Opened 1 year ago

Last modified 1 year ago

is there any way to restrict third party servers from authenticating against our CAS store?

Reported by: russ Assigned to: rich
Priority: unassigned Milestone:
Component: ambra-sso Version: 0.7
Keywords: Cc:
Blocking: Blocked By:

Description

right now it's wide open, and anyone can make a service that authes against the plos user database.

this might be a good thing! but it's probably a bad feature :)

is there any way to restrict logins from external domains? if we were running behing apache we could restrict based on referer - probably there's a way to do this in tomcat as well...

Dependency Graph

Change History

08/07/07 16:45:07 changed by amit

I think actually that is a good thing. Rich and I have been talking about an ScienceId? (based on OpenId?) network.

08/17/07 15:33:02 changed by amit

  • owner changed from pradeep to rich.

11/08/07 17:56:33 changed by rich

  • status changed from new to closed.
  • resolution set to wontfix.

It's a good thing. Closing ticket.