I've configured CAS with authentication delegation (Pac4J Google) +
attribute resolution (REST) + interrupt notification (REST).
My attribute resolution REST endpoint translates the principal ID
returned from delegated authentication (of the format
org.pac4j.oauth.profile.google2.Google2Profile#[number], as I have
cas.authn.pac4j.core.typed-id-used=true) and returns it as an attribute
"principal", and together with the
cas.person-directory.principal-attribute=principal setting, this
principal ID then becomes the user's "final" principal ID.
In 5.3.x, the "final" principal ID is then being used to call the
interrupt notification REST endpoint. This is what I expect.
In 6.3.x / 6.4.x however, the original principal ID
org.pac4j.oauth.profile.google2.Google2Profile#[number] is being used to
call the interrupt notification REST endpoint. Is this an intentional
change or is this a possible bug?
Thanks,
Chia-Ying
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/8e04d560-f3f3-7434-16e5-2a2c466661dc%40gmail.com.
