I have not tried it in casGenericSuccess.jsp but the following (or a slightly
cleaner and more elegant version of it) works in all of my applications that
are authenticated by CAS. Note: I use Spring Security as my interface to CAS
– that probably gives me a few extra capabilities beyond what CAS supplies. I
believe that CAS uses Spring Security internally too so these things ‘might’ be
accessible in the casGenericSuccess.jsp.
0) General setup:
<%...@page import="javax.naming.directory.Attributes"%>
<%...@page
import="org.springframework.security.providers.cas.CasAuthenticationToken"%>
<%...@page import="org.springframework.security.userdetails.UserDetails"%>
1) Username:
<%
CasAuthenticationToken casTok =
(CasAuthenticationToken)request.getUserPrincipal();
UserDetails userDetails = casTok.getUserDetails();
String username = userDetails.getUsername();
%>
2) Other user attributes:
2a) Some attributes should be available through userDetails.
2b) SpringSecurity allows you to write your own (or extend) userDetailsService.
That means that if you are not getting all the details you want… you can code
for it and retrieve them from LDAP, database, or whatever. That can include
access roles.
2c) I can’t remember where it comes from… but you can test for membership in a
particular role by doing something like
<%if (request.isUserInRole("ROLE_USER")) { %>
The above is not really a HOW-TO, not the only way of doing it and absolutely
not the best (besides the ugly scriplets which you can avoid by using JSTL)…
but it works and should be easy enough to understand, plus have enough clues to
follow for you to figure out what solution will work for you. You probably
will also need to read up and do some test code with Spring Security.
BTW, I consider myself a CAS beginner. I just found myself trying to answer
similar questions to yours. My answer is probably not the best or even
‘recommended’ way to do this. If you find a better solution that you consider
solid and elegant, please document it in the Wiki… we will all thank you for it!
bruno
________________________________
From: Spruit, Richard [mailto:[email protected]]
Sent: Tuesday, May 12, 2009 2:02 AM
To: [email protected]
Subject: [cas-user] Usercredentials in CAS-server
We are currently changing the look and feel of the cas-server; e.g. pages like
casGenericSucces.jsp, casLoginView and others. Herefore we have two questions
we can't seem to find in the documentation:
- is it possible to show in these jsp-pages the userid of the logged-on user?
How do we do this?
- is it possible to show in these jsp-pages the extra attributes of the user?
How do we do this?
Any help is greatly appreciated!
Kind regards,
Richard
Please help Logica to respect the environment by not printing this email / Pour
contribuer comme Logica au respect de l'environnement, merci de ne pas imprimer
ce mail / Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica
dabei die Umwelt zu schuetzen / Por favor ajude a Logica a respeitar o ambiente
n㯠imprimindo este correio electro. This e-mail and any attachment is for
authorised use by the intended recipient(s) only. It may contain proprietary
material, confidential information and/or be subject to legal privilege. It
should not be copied, disclosed to, retained or used by, any other party. If
you are not an intended recipient then please promptly delete this e-mail and
any attachment and all copies and inform the sender. Thank you.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
