Integrating authentication with single sign on system?


I’m wondering if anyone has any experiences to share with regards to handling authentication using a single sign on system. I’ve read a few other discussion threads on this topic but I don’t really know what approach I should be taking to handle the case where the user is no longer authenticated.

Two approaches I thought about:

  1. Don’t bother using #link-to. Just use plain anchor tags so that the browser always hits the server. This way, if the user is unauthenticated, the user’s browser will do the single-sign on dance, and eventually get back to the page they are supposed to look at. To make this work, I suppose each page load should ship with all data necessary to render the page without incurring more requests.

  2. Handle the error event when transitioning. Find out what URL will be loaded and what HTTP method is being used. If it is a GET request, just force the browser to load the URL using window.location. Any other requests, stop the transition, and show a message to the user. The problem with this approach is that I don’t see a way to get the information out of the reason and transition objects that are passed to the error handler.