On Wed, Dec 3, 2014 at 8:34 PM, William G. Thompson, Jr. <wgt...@gmail.com> wrote: > On Wed, Dec 3, 2014 at 2:28 PM, Misagh Moayyed <mmoay...@unicon.net> wrote: >> >> Think of this in MFA terms: you want to authenticate the user at every step, >> invoking this facade on multiple types of credentials again and again from >> this and that flow and subflow and keep collecting. You can do this >> indefinitely until you come to a point where you decide, “I am OK. Give me >> the TGT” at which point CASImpl would be get involved. Your collection needs >> to include enough metadata about the individual authentication event so that >> if the TGT needs any, it would have enough to proceed. > > CAS.createTGT(final Subject subject) where subject is a container for > any number of principals and authentication metadata perhaps using > javax.security.auth.Subject directly.
Or perhaps outsource the how authN subsystem to Apache Shiro: http://shiro.apache.org/authentication-features.html http://shiro.apache.org/subject.html -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
