Login includes advisory attributes that help CAS to present its end user experience. These attributes must not have security implications because they are succeptible to end user manipulation (are passed through a redirect on the user's web browser). - service — specifies the identity of the service for which a Service Ticket is desired. Also the URL to which CAS redirects the web browser after a succesful authentication.
- gateway — specifies whether CAS must immediately redirect back to the service. When true, CAS must not render any login pages but must instead immediately redirect back to the service desiring CAS authentication, either having succeeded in authenticating the request without rendering a login screen (single sign on) and including a corresponding service ticket or failing to authenticate the user and including no ticket.
|