Affects Version/s: 2.7.0
Fix Version/s: None
We're looking at support for CAS. But we have some users who aren't in CAS. I turned it on with two login buttons. It works OK for the main portal page. But if you go directly to a URL, you are sent to CAS. That won't work for people with local accounts.
The attached file has a prototype patch. I doubt you want to use it as is, but it will give you an idea of what needs to be done:
1) Login should go directly to CAS for the main portal, otherwise to xlogin.
2) Xlogin needs the two buttons, unless it's called from the main portal.
Of course this means that you don't get transparent SSO into URLs, which may defeat some of the reason to use CAS. My sense is that CAS may need a way to put an extra button on it that calls back to the application. Or possibly login should check for the cookie indicating a CAS ticket, and go directly to CAS if it finds one. (Of course that could cause problems for our privileged users. They may have a CAS ticket from another application, but want to login to Sakai as an admin.)
It seems to me that if we're serious about CAS it needs more thought.