I'm hoping someone has some insight into this... I'm on a tight time schedule and at a loss about how to best implement something like this without opening up a can of worms.
Has anyone had an instance where a User needs to log in or authenticate as a different user in order to prove that they have 2 different identities (for the purposes of linking an account or some other purpose)? Or, is there a good way to test authentication without going through the log in flow? From: Kimberly Ennis Sent: Wednesday, August 12, 2009 3:28 PM To: [email protected] Subject: [cas-user] Testing a Userid/Password from a different account This is a strange request, and I'm not sure that it can be done in CAS, but I thought I'd check and see if anyone has ever done this before. Basically, we have many different companies that can log into our application. Using the "old" (homebrew, not CAS) security system, a single person might have many userids, depending on their admin role and what they have access to, in order to get into the site. We've also create a new, separate application with CAS above it to be able to log in, but the old application will not be switching to CAS at this point due to time and resource constraints (It would be a heck of a lot of work to switch it over). What my requirements are is to create a feature that will link all of these accounts together - so, I might have 20 different userids that will be linked together, and be able to switch to any of the 19 other accounts at any time. We are using Spring Security, and I was thinking that there must be a way to leverage the SwitchUserProcessingFilter to make this happen - and I would assume any questions I have about that part should be directed to the Spring Security folks and not this list. The bigger question, though, is how to get the users linked in the first place. If I am logged in as UserA, and I want to link my UserA account to UserB and UserC, I would need to authenticate into the UserB and UserC accounts with the correct password in order to link the accounts. Is there a way to do this with CAS? Can I log into two accounts at the same time, or "test" my ability to authenticate as a different user while I'm logged in? Has anyone ever implemented something like this before? The whole scenario is confusing, so I apologize if it doesn't make sense. Let me know if you need further clarification. --Kim -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
