Yes, its been supported since 3.1: https://www.ja-sig.org/svn/cas3/trunk/cas-server-core/src/main/java/org/jasig/cas/authentication/DirectMappingAuthenticationManagerImpl.java
It essentially accepts a map of "credentialsMapping" where the key is the Credentials class and the value is a DirectAuthenticationHandlerMappingHolder (which takes an authentication handler and a credentialstoprincipalresolver). Cheers, Scott On Mon, Feb 15, 2010 at 4:45 AM, Andy Cowling < [email protected]> wrote: > Is the "Direct Mapping Authentication Handler" feature supported in CAS > 3.3.1? If so, where might I find some documentation on configuring it? > > We're looking at failing over to AD authentication, for IE8 users. Rather > than try out SPNEGO at the mo, we're looking to authenticate with AD over > LDAP. But our AD "single forest" presents us with no less than 4 LDAP > instances that our users are spread across - so I was thinking we might have > to create 4 LDAP authentication handlers, which can each be tried in turn > (with the same credentials). Resolving to principal in this case would > benefit from a direct mapping between authentication handler and credentials > to principal resolver. > > An alternate approach may be to use Kerberos (via JAAS). But its not clear > from the docs what the principal will be populated with via this method (we > need the realm+uid in a single string) > > Any tips welcome! > > Cheers > Andy > > > -- > > Andy Cowling | UK Core IT > Interactive Data Managed Solutions Ltd > > ------------------------------------------------------------------------------------------------------------------------------- > Suite 1101, Eagle Tower | Montpellier Drive | Cheltenham GL50 1TA | UK > Tel: +44 (0)1242 6941 15 | Fax: +44 (0)1242 6941 01 > [email protected] > http://www.interactivedata-ms.com > > This message (including any files transmitted with it) may contain > confidential > and/or proprietary information, is the property of Interactive Data > Corporation > and/or its subsidiaries, and is directed only to the addressee(s). If you > are not > the designated recipient or have reason to believe you received this > message in > error, please delete this message from your system and notify the sender > immediately. An unintended recipient's disclosure, copying, distribution, > or > use of this message or any attachments is prohibited and may be unlawful. > Interactive Data (Europe) Ltd Registered No. 949387 England Registered > Office: > Fitzroy House 13-17 Epworth Street. London. EC2A 4DL > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
