Tausif, There are things you can do before and after authentication. see https://apereo.github.io/cas/7.1.x/authentication/Configuring-Authentication-Components.html
Ray On Sun, 2024-11-03 at 03:57 -0800, Tausif Iqbal wrote: You don't often get email from [email protected]. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Hi Ng Sek Long, I am also trying to do something similar, I already have database setup for authentication, now I want to add google OAuth on top of it, so that genuine user can directly login without typing credential, but now the issue is anyone can login with google OAuth. Could you let me know what steps you followed to achieve this? Thanks in advance On Wednesday, August 16, 2017 at 6:46:14 AM UTC+5:30 Ng Sek Long wrote: Thanks for your suggestion! I don't mind editing cas source code if my use case is specific for me. Because of my use case, I think I will use the less elegant approach for now until I get time to implement the better approach. -Andy On Wednesday, 16 August 2017 00:53:59 UTC+8, Misagh Moayyed wrote: So you're saying: allow Peter to authenticate via Facebook, then come back to CAS, authenticate and verify credentials and then possibly reject Peter because he's not allowed? You cannot do this without changing source code, but it's strange that you present an option first only to possibly reject it later. It would be better if you tied that policy to a service record in CAS where you could then say: if you want to log into application X, you can use any of the following authorized providers (because there is code that knows what to authorize/prepare for each delegated scenario). Also requires code, but I submit it's the more sensible approach. --Misagh ________________________________ From: "Ng Sek Long" <[email protected]> To: "CAS Community" <[email protected]> Sent: Monday, August 14, 2017 7:59:25 PM Subject: [cas-user] Is it possible in my app to allow only authorized user to use pac4j delegation to login Hi all, and first of all, thanks in advance. Here's my problem: [CAS version]: 5.2.0-RC1 (I need features from this version) [Background]: My application used pac4j to allow user to login using for example Fb, Google Linkedin and such. [Problem]: However, only certain users that are authorized are allowed to login using those pac4j method. However, now I use pac4j as login method everybody can login. [Question]: Is it possible to allow only authorized user to use pac4j authentication? For example maybe I can use a database, which specified only Peter, Mary and John can use Fb to login. Then other random people cannot use pac4j as login method. [Things I tried]: I tried to configure this bean: "clientAuthenticationHandler" in "org.apereo.cas.support.pac4j.config.support.authentication", and I found out that nothing I can do that can implement what I need. I would like to edit this: ClientAuthenticationHandler -> doAuthentication, and add my customization, but it is not a bean. and I don't really want to replace any source code. Any help would be appreciated! -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8f051eb3-3f84-4e48-aba8-45cdee90dab4%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/8f051eb3-3f84-4e48-aba8-45cdee90dab4%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f70b190c971f5f7f0a7aeeeec6b9c4ef11759a9b.camel%40uvic.ca.
