I think that would be done in the CredentialsToPrincipalResolver which is called after the authentication:
http://developer.jasig.org/projects/cas/cas-server-core/cas-server/cas-serve r-core/apidocs/org/jasig/cas/authentication/principal/CredentialsToPrincipal Resolver.html There is a call "resolvePrincipal" that takes the credentials object and returns the Principal. If all you are doing is returning a different "username" and adding no "attributes", then I think that you can derive your class from this one: http://developer.jasig.org/projects/cas/cas-server-core/cas-server/cas-serve r-core/apidocs/org/jasig/cas/authentication/principal/UsernamePasswordCreden tialsToPrincipalResolver.html and override the method "protected java.lang.String extractPrincipalId(Credentials credentials)". David Ohsie Software Architect EMC Corporation > -----Original Message----- > From: [email protected] > [mailto:[email protected]] > Sent: Friday, July 12, 2013 5:28 AM > To: [email protected] > Subject: [cas-dev] How to return updated principal to resolver when > authenticator returns changed principal? > > Hi, > > I'm working on a piece of infrastructure that might take a username and > password, and when authentication is successful, return an updated principal > to use. For example: Logging in with an email address and password may > return a username that is not necessarily the username before the @ in the > email address. > > How do I pass this updated principal back to the resolver/CAS to use instead > of the principal it assumed it should use (and here I'm guessing it assumes it'll > be the username before the @ in the email address)? > > Can someone help? > > Stefan Paetow > Software Engineer > +44 1235 778812 > Diamond Light Source Ltd. > Diamond House, Harwell Science and Innovation Campus Didcot, > Oxfordshire, OX11 0DE > > > > > -- > This e-mail and any attachments may contain confidential, copyright and or > privileged material, and are for the use of the intended addressee only. If > you are not the intended addressee or an authorised recipient of the > addressee please notify us of receipt by returning the e-mail and do not use, > copy, retain, distribute or disclose the information in or attached to the e- > mail. > Any opinions expressed within this e-mail are those of the individual and not > necessarily of Diamond Light Source Ltd. > Diamond Light Source Ltd. cannot guarantee that this e-mail or any > attachments are free from viruses and we cannot accept liability for any > damage which you may sustain as a result of software viruses which may be > transmitted in or with the message. > Diamond Light Source Limited (company no. 4375679). Registered in England > and Wales with its registered office at Diamond House, Harwell Science and > Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom > > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see http://www.ja- > sig.org/wiki/display/JSG/cas-dev >
smime.p7s
Description: S/MIME cryptographic signature
