> As an alternative, I'd like suggestions as to where is the 'right place' for
> getting the user details and place them into the http session - using the
> CAS java client (preferably, only once per successful login).
They're already conveniently available if you enable the following
filters in the client web.xml:
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>
See
http://www.middleware.vt.edu/doku.php?id=middleware:cas:client#obtaining_pid_and_attributes_from_java_application
for a code sample of how a CAS client can pull attributes from the
SAML response. The key object is the CAS Assertion that can be
obtained from the session.
Hope that helps,
Marvin Addison
Middleware Services
Virginia Tech
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
