Whoops, I meant JDBC database. Sorry for the confusion.
-David
Marvin Addison wrote:

I am using certificate authentication from a smart card reader. I was
wondering if it would be possible to pull an attribute from the certificate and
store that in the LDAP database according to a username. Once the attribute is
mapped to a user, then whenever that same certificate would be authenticated,
it would log in as the user mapped to the database.

We do something like this:
- Authenticate user with X.509 cert on Aladdin eToken
- Parse DN and extract numeric UID attribute
- Perform LDAP query to map numeric UID to string principal name

You can do the above with components CAS provides out of the box.
CAS does not have components, per se, for LDAP write operations, so
you would have to develop that component on your own to store your
cert attribute in LDAP. As for mapping the cert attribute to the data
stored in LDAP, CAS supports this well via
CredentialsToLDAPAttributePrincipalResolver.

Hope that helps,
M
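
The "parse DN, extract numeric UID, build the LDAP query" steps from the thread, as an added example using only JDK classes; it is not CAS code and not from either poster. The class name, the `uidNumber` directory attribute and the sample DN are assumptions, and the certificate subject is assumed to arrive as an RFC 2253 string (for example from `X509Certificate.getSubjectX500Principal().getName()`).

```java
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class CertUidLookup {
    // Assumed directory attribute holding the numeric UID; adjust to your schema.
    static final String LDAP_ATTR = "uidNumber";

    /** Extracts the single UID value from an RFC 2253 subject DN and requires it to be numeric. */
    static String numericUid(String subjectDn) throws NamingException {
        String found = null;
        // LdapName honours escaped commas and multi-valued RDNs; a naive split(",") does not.
        for (Rdn rdn : new LdapName(subjectDn).getRdns()) {
            Attribute uid = rdn.toAttributes().get("UID");
            if (uid == null) continue;
            // More than one UID, or a non-string (hex-encoded) value, is ambiguous: refuse it.
            if (found != null || uid.size() != 1 || !(uid.get() instanceof String)) {
                throw new IllegalArgumentException("ambiguous or non-string UID in DN");
            }
            found = (String) uid.get();
        }
        // Allow-list check: a value such as "*" must never reach the filter.
        if (found == null || !found.matches("[0-9]{1,18}")) {
            throw new IllegalArgumentException("subject DN carries no numeric UID");
        }
        return found;
    }

    /** RFC 4515 escaping; redundant after the digit check, kept as defence in depth. */
    static String escapeFilterValue(String v) {
        return v.replace("\\", "\\5c").replace("*", "\\2a")
                .replace("(", "\\28").replace(")", "\\29").replace("\0", "\\00");
    }

    /** Builds the search filter that maps the certificate's UID to a directory entry. */
    static String filterFor(String subjectDn) throws NamingException {
        return "(" + LDAP_ATTR + "=" + escapeFilterValue(numericUid(subjectDn)) + ")";
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample DN, not taken from any real certificate.
        System.out.println(filterFor("UID=1234567,CN=Doe\\, Jane,OU=People,DC=example,DC=edu"));
    }
}
```

Only certificates that already passed chain and revocation validation should reach this step, since the subject DN is trusted only as far as the issuing CA is.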