Permalink
Switch branches/tags
Nothing to show
Find file
Fetching contributors…
Cannot retrieve contributors at this time
42 lines (31 sloc) 1.37 KB
TODO: improvement for the future
================================
More Tests
++++++++++
Some scenarios deploying severals applications and running
doctests on it will be soon available.
Handling Single Sign Out
++++++++++++++++++++++++
At this point, this plugin does handle SSO (Single Sign On).
Yet, it does not handle Single Sign Out.
There may be several ways to achieve this.
- A simple solution may be found by enabling the plugin to execute each
callable delivered by webapp whose purpose would be to
logout the user from it (e.g: by redirecting the browser on the logout url,
or deleting some cookies etc.).
- Currently, CAS 3 and higher handle SSOut by triggering a POST request to all
the web application registered.
I did not digg this option at all, wonder how it would fit or not.
- ...
Not relying on the CAS server itself ?
++++++++++++++++++++++++++++++++++++++
At the moment, the plugin relies on a CAS server.
Yet, CAS is just a specific trusted third party (e.g.: like Kerberos etc.)
Thus, to avoid code redundancy between plugins dealing with concrete
implementation of this "trusted third party abstraction",
we should code against this abstraction => refactor this code.
Yet, of course, rather than extending this plugin, we may create a new one,
if each implementations tends to get very specific.
Misc
++++
Clearing and make more relevant comments ;)