Thanks! I went back and looked at my hack and 5 lines later I see exactly what you suggest.
Did you see my post about our Spring implementation? There are some in the department that want me to do the same inside my authentication filter so they won't have to change their web.xml to use the CAS filters. Cheers, Bryan ________________________________________ From: Marvin Addison [[email protected]] Sent: Monday, April 19, 2010 1:56 PM To: [email protected] Subject: Re: [cas-user] CAS Integration with other authentication filters Really, you only need to trick the CAS AuthenticationFilter in order to get into your application. The AuthenticationFilter checks for the presence of the CAS Assertion in the session using a well-known key name (AbstractCasFilter.CONST_CAS_ASSERTION), so you could simply install a dummy Assertion in the session in an upstream filter that handles PeopleSoft cookies. This keeps you from having to customize CAS filters. In the CAS authentication case, that filter wouldn't be doing anything, and the AuthenticationFilter would correctly redirect you to the CAS server on initial access. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
