Hi,

After some searching I didn't find a way to meet my requirement (defining a specific LDAP request, and so attribute resolution, for a delegated authenticationHandler, as the LDAP request should be different but with the same principal ID depending on the authentication system), so how should I do that? Note that I should resolve attributes when coming from a delegated authentication after each authentication, and not only depending on a service configuration!

A possibility would be to define a MappedPrincipalResolver instead of a chainingPrincipalResolver, where we would be able to map an attributeRepository id to an attributeResolver name/id. But I've found a problem with the use of pac4j, as only the whole pac4j conf can have an ID, and when using several IdPs (SAML) from pac4j I would need to use the clientName.

Another possibility would be that on each attributeRepository I add the possibility to define a list of AuthenticationHandlers.

Or, the reverse: on the pac4j AuthenticationHandler I add the possibility to define a list of attributeResolver (from personDirectory) ids to chain.

What would be best for you?

Thanks,

- Julien


On 16/04/2019 at 11:33, Julien Gribonvald wrote:
Hi,

Sorry to ask the question again, but how can I do that? I've found how to define a policy with authenticationHandlers, but it doesn't help to chain with an attributeRepository.

Is it possible to do what I want, or should I chain all delegated authenticationHandlers with all attributeResolvers?

Thanks,

Julien


On 12/04/2019 at 11:24, Julien Gribonvald wrote:
Hi,

Is there something already existing to map a specific authn.attributeRepository to a specific authn configuration?

I have several kinds of external auth systems, and so the attribute resolution locally (local LDAP) should be done by different LDAP search requests (and so attributeRepository). Each authn system should have its own attributeRepository, and I need to avoid chaining all attributeRepository. Is it possible, or should I implement something?

If I should implement something, could you tell me what is the best way (and where to look)?

I'm following the CAS master branch.

Thanks,

--
Julien Gribonvald

--
You received this message because you are subscribed to the Google Groups "CAS 
Developer" group.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.