Hello folks,

For now, when the user gives CAS a certificate which is revoked, CAS answers as if the certificate does not exist (an AuthenticationException is thrown by the X509 handler, this exception is silently logged, then the next AuthenticationHandler is called). In this case and for other X509 validity exceptions, I wish to give some piece of information to the user. I'm wondering if a modification of the X509CertificateCredentials class would not be sufficient?

My idea is to add some validity information to these credentials, in order to catch them in the onError method of the X509CertificateCredentialsNonInteractiveAction class.

E.g. when a certificate is revoked:
 1) A RevokedCertificateException is thrown,
 2) it's caught, then an AuthenticationException is thrown,
 3) it's caught, then a TicketException is thrown,
 4) the AbstractNonInteractiveCredentialsAction class (doExecute method) catches the exception, and the onError method is called if the TicketException has a cause which is an AuthenticationException. Perfect. But the only arguments are requestContext and Credentials, and nothing else.

I think that in onError method, I can add valuable information in request context in order to give information to the user via casLoginView.jsp.
Is it a foolish idea or not?

Rgds.

--
Philippe MARASSE

Service Informatique - Centre Hospitalier Henri Laborit
BP 587 - 370 avenue Jacques Coeur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
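
A sketch of the idea in the message above, added here as an example; it is neither CAS code nor the poster's. Every class is a stand-in for the CAS type of similar name, and the `X509Failure` enum, the `failure` field and the `x509Failure` key are hypothetical. Only a coarse category reaches the view, so certificate details stay in the server log.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

public class X509ErrorFeedback {
    // Steps 1-3: the handler records the reason on the credentials, then the
    // usual exceptions propagate without carrying any certificate detail.
    static void authenticate(X509Credentials c, boolean revoked) throws TicketException {
        try {
            if (revoked) {
                c.setFailure(X509Failure.REVOKED);
                throw new AuthenticationException();
            }
        } catch (AuthenticationException e) {
            throw new TicketException(e);
        }
    }

    // Step 4: onError only receives the context and the credentials, so the
    // reason is read from the credentials and exposed as a message key.
    static void onError(Map<String, Object> flowScope, X509Credentials c) {
        if (c.getFailure() != X509Failure.NONE) {
            String key = "x509.failure." + c.getFailure().name().toLowerCase(Locale.ROOT);
            flowScope.put("x509Failure", key);
        }
    }

    public static void main(String[] args) {
        Map<String, Object> flowScope = new HashMap<>(); // stands in for the request context
        X509Credentials creds = new X509Credentials();
        try {
            authenticate(creds, true);
        } catch (TicketException e) {
            if (e.getCause() instanceof AuthenticationException) onError(flowScope, creds);
        }
        System.out.println(flowScope); // the login view would resolve this key to text
    }
}

// Stand-ins for the CAS types named in the message; none of this is CAS code.
class AuthenticationException extends Exception {}
class TicketException extends Exception {
    TicketException(Throwable cause) { super(cause); }
}
// Hypothetical failure categories, deliberately coarse for display to users.
enum X509Failure { NONE, REVOKED, EXPIRED, UNTRUSTED }
class X509Credentials {
    private X509Failure failure = X509Failure.NONE; // the proposed extra field
    void setFailure(X509Failure f) { failure = f; }
    X509Failure getFailure() { return failure; }
}
```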

