There's no point in sending them via request parameters. You can't trust the values.
On Fri, Apr 30, 2010 at 8:29 AM, Gabi Teris <[email protected]> wrote: > Hi, > > Thanks for your reply, but I can't really use SAML. What I really need for > that app is the cas server to send more parameters when it's doing the > redirect to the client, along with the ticket id. All I want to know is if > that is possible and where to look for that redirect. > > Thank you again. > > > José Miguel Parrella Romero wrote: > > Gabi Teris escribió: > > > I need to integrate the CAS server inside my web application, since it's > already a big one and so I don't need to reimplement the database access. So > I need to send some parameters to another web application that require some > user data (no password) like: user full name, role, etc. Can I do that by > sending a request with parameters(like the ticket parameter), and if so, > where can I change the code ? > > > Gabi, > > As Marvin said, you can configure CAS to retrieve additional attributes > from your datastore and present them through SAML. I don't use SAML or > the client libraries at all and rather go with mod_auth_cas, which uses > CAS and this protocol doesn't seem to be able to provide additional attr > > Be aware, though, that CAS is an authentication solution and doesn't aim > to provide enough information to also cover authorization, which is a > matter of your application or application cluster. I'd rather use REST > web services which know your business logic and provide you with a > simple list or OK/ERR messages for access control. > > HTH, > > > > > > -- > Gabi Teris, Senior Java Developer > AZOTH Ltd > Grigore Alexandrescu 64 > Bucharest, 010626, Romania > Tel: (004)021-3107470 (extension 14); Fax: (004)021-3107426 > Skype: gabi.teris > GTalk: gabi.teris > > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
