An easy way is to use a custom Spring Security UserDetailsService (you might 
extend the one you are using). Grab the CAS information there, put it in a 
convenient user object that is easy to use from a JSP, and place it in the 
session (if it isn't there already).

Presto!  You now have a user object that is available in all pages - as long as 
authentication happened at some point (to identify the user).

In the cases where you allow access to some pages without authentication - your 
code should be smart enough to display a blank instead of blowing up because 
the convenient user object isn't in the session.

b.

-----Original Message-----
From: Phil Collins [mailto:[email protected]] 
Sent: Thursday, July 02, 2009 4:16 AM
To: [email protected]
Subject: [cas-user] Displaying user name on unprotected pages

Hi all,

I'm using CAS server 3.3., cas client 3.1.3 with spring security 2.0.4.
I have several applications which all use single sign on / out.

Once a user has logged in I'm displaying their name in the page header across 
all applications.
I'm using Cas controlled authentication and spring security role based 
authorisation. 
I also use the spring authentication tag to get the user's name to display in 
the header; this relies on the spring security context object having been 
created in the application's session.

This is where my problem is: some pages are not protected by CAS, and so 
when a user logs into one application via CAS I retrieve their name and display 
it on the page header.
However, when a user then goes to a page not protected by CAS in another 
application, the spring security context object doesn't exist in their session, 
therefore the spring authentication tag assumes the user is not logged in. So 
is there a way I can ask CAS if a user is authenticated using the TGT cookie 
without asking for a login if not?

Thanks
Phil
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
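
An added example, not part of the original thread or of any project's code, sketching the reply's suggestion for Spring Security 2.0.x: a wrapper around the existing UserDetailsService that places a display-only user object in the session. The class names, the `headerUser` attribute name, and a `RequestContextListener` registered in web.xml (so the session is reachable from the service) are assumptions.

```java
import java.io.Serializable;

import org.springframework.dao.DataAccessException;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;

/** Hypothetical wrapper: delegates to the existing service, then publishes a header object. */
public class SessionPublishingUserDetailsService implements UserDetailsService {

    /** Session attribute read by the page header (assumed name). */
    public static final String HEADER_USER = "headerUser";

    /** Display-only view of the user: no password and no authorities leave the security layer. */
    public static final class HeaderUser implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String name;
        public HeaderUser(String name) { this.name = name; }
        public String getName() { return name; }
    }

    private final UserDetailsService delegate;

    public SessionPublishingUserDetailsService(UserDetailsService delegate) {
        this.delegate = delegate;
    }

    public UserDetails loadUserByUsername(String username)
            throws UsernameNotFoundException, DataAccessException {
        // Let the existing service resolve the CAS principal first; if it throws,
        // nothing is written to the session.
        UserDetails details = delegate.loadUserByUsername(username);

        // Null when no request is bound to this thread (e.g. a background job).
        RequestAttributes attrs = RequestContextHolder.getRequestAttributes();
        if (attrs != null) {
            // Overwrite on every authentication so a name left over from an
            // earlier login in the same session is never shown.
            attrs.setAttribute(HEADER_USER, new HeaderUser(details.getUsername()),
                    RequestAttributes.SCOPE_SESSION);
        }
        return details;
    }
}
```

In the header JSP, `<c:out value="${sessionScope.headerUser.name}"/>` renders an empty string when the object is absent and HTML-escapes the name when it is present, which covers the unauthenticated case the reply mentions.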
