Thanks for the reply and for the warning Marvin ;-) One user set will have email addresses as user id, whereas the other will have an auto generated, non email, string. We should be safe.
I'll be glad to share this authentication handler once bullet proofed ! Cheers Georges -----Original Message----- From: Marvin Addison [mailto:[email protected]] Sent: jeudi, 19. mai 2011 15:30 To: [email protected] Subject: Re: [cas-dev] authenticationHandler using a WEB service > In addition to this method, I would need my CAS to use a WEB service > to authenticate a separate users population. It's vitally important to ensure that you have a process to ensure globally unique user identifiers across all authentication stores. You invite security issues otherwise. > I've seen posts on how to add new authentication handlers, > but if anyone has already implemented one with a WEB service, > I'd be more than happy to share ! It's possible and it's been discussed in the recent past, but I'm not aware of any code having been shared. If you've solved this problem and can share your solution, please speak up. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
