> But I want to make a Database query, after CAS validates the x509 > Certificate (the same that appears in > http://www.ja-sig.org/wiki/display/CASUM/X.509+Certificates "A field can be > extracted from the Certificate and then resolved to a Principal name through > an LDAP lookup")
We extract a part of the subject DN and perform an LDAP lookup to map an integer onto a string principal name, which is what you described above. A full example is available in our deployer config, https://projects.iad.vt.edu:8443/svn/middleware/cas/cas-server/trunk/vt-cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml. The points of interest are the X509CredentialsAuthenticationHandler bean and the PDCCredentialsToPrincipalResolver. The latter class is a custom CredentialsToPrincipalResolver, one of which you will likely need to perform your database principal mapping. Good luck, Marvin -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
