Uploaded image for project: 'CAS Server'
  1. CAS-991

add user-facing note to login JSP reminding that SSO will not work without https:

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.4.9
    • Component/s: None
    • Labels:
      None

      Description

      Add a friendly user-facing (appears on render of login page) note to ootb login JSP advising that while login to an application will work, single sign on will not work without setting up SSL / HTTPS, since CAS sensibly by default will not set a single sign on cookie over not-https.

      This messaging would introduce little pain to production adopters to remove it, since 100% of production adopters of CAS customize the login JSP for branding anyway.

      This messaging would put the "documentation" of this often-casual-demoer-tripping-up nuance right in the face of the demoer when they experience the nuance.

        Attachments

          Activity

            People

            • Assignee:
              battags ScottS
              Reporter:
              awp9 Andrew Petro
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: