An easy way is to use a custom Spring Security UserDetailsService (you might extend the one you are using). Grab the CAS information there, put it in a convenient user object that is easy to use from a JSP, and place it in the session (if it isn't there already).
Presto! You now have a user object that is available in all pages - as long as authentication happened at some point (to identify the user). In the cases where you allow access to some pages without authentication - your code should be smart enough to display a blank instead of blowing up because the convenient user object isn't in the session.

b.

-----Original Message-----
From: Phil Collins [mailto:[email protected]]
Sent: Thursday, July 02, 2009 4:16 AM
To: [email protected]
Subject: [cas-user] Displaying user name on unprotected pages

Hi all,

I'm using CAS server 3.3., cas client 3.1.3 with spring security 2.0.4. I have several applications which all use single sign on / out. Once a user has logged in I'm displaying their name in the page header across all applications. I'm using CAS-controlled authentication and spring security role based authorisation. I also use the spring authentication tag to get the user's name to display in the header; this relies on the spring security context object having been created in the application's session.

This is where my problem is: some pages are not protected by CAS, and so when a user logs into one application via CAS I retrieve their name and display it on the page header. However, when a user then goes to a page not protected by CAS in another application, the spring security context object doesn't exist in their session, therefore the spring authentication tag assumes the user is not logged in.

So is there a way I can ask CAS if a user is authenticated using the TGT cookie without asking for a login if not?

Thanks
Phil

--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
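The "display a blank instead of blowing up" behaviour suggested in the reply at the top of this thread, as an added example that is not part of the original messages: a servlet filter that exposes the session user object to the page header without forcing a login. The class names, the session key and the request attribute name are hypothetical, and the example assumes the login code has already stored a HeaderUser in the session.

```java
import java.io.IOException;
import java.io.Serializable;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/** Hypothetical filter, mapped to /* so it also runs on pages CAS does not protect. */
public class HeaderUserFilter implements Filter {

    /** Assumed session key under which the login code stored the user object. */
    public static final String SESSION_KEY = "headerUser";
    /** Request attribute the JSP header reads; always set, possibly to "". */
    public static final String DISPLAY_NAME = "headerDisplayName";

    /** Hypothetical user object; Serializable so it survives session persistence. */
    public static class HeaderUser implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String displayName;
        public HeaderUser(String displayName) { this.displayName = displayName; }
        public String getDisplayName() { return displayName; }
    }

    /** Returns the name to show, or "" when nobody has authenticated in this session. */
    static String displayNameFor(HttpSession session) {
        if (session == null) return "";                  // anonymous visitor, no session yet
        Object stored = session.getAttribute(SESSION_KEY);
        if (!(stored instanceof HeaderUser)) return "";  // absent or unexpected type
        String name = ((HeaderUser) stored).getDisplayName();
        return name == null ? "" : name;
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        if (req instanceof HttpServletRequest) {
            // getSession(false): never create a session just to render a header.
            HttpSession session = ((HttpServletRequest) req).getSession(false);
            req.setAttribute(DISPLAY_NAME, displayNameFor(session));
        }
        chain.doFilter(req, res);
    }

    public void init(FilterConfig config) { }
    public void destroy() { }
}
```

In the JSP header, print the attribute with `<c:out value="${headerDisplayName}"/>` so the name is HTML-escaped. The attribute is for display only; access decisions stay with the Spring Security context on protected pages.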
