Perhaps I shouldn't have sent an apache configuration - we aren't
planning on putting apache httpd in front.
I was thinking more along the lines of an additional filter to add to
the web.xml of the app in question that allowed me to specify a list of
users directly or potentially a resource on the classpath that contained
the list.
On 08/01/2011 10:32 AM, Scott Battaglia wrote:
I would imagine you could chain mod_auth_cas with any of the existing
Apache authorization modules also?
(just guessing)
On Mon, Aug 1, 2011 at 11:24 AM, Marvin Addison
<[email protected] <mailto:[email protected]>> wrote:
> Does a similar capability exist with CAS, e.g. a way to map a list of
> usernames as having authorization to access a given service url?
Authorization does not exist in CAS per se, but you can deliver
attributes to CAS services using the attribute release feature,
https://wiki.jasig.org/display/CASUM/Attributes. Then the CAS client
consumes these attributes in some meaningful fashion, e.g. for
authorization. There's a patch to mod_auth_cas,
https://issues.jasig.org/browse/MAS-60, to allow the attributes to be
treated as authorization constraints very similar to what you've done
with PubCookie.
Take a look at the references I cited and let me know if you need
further help.
M
--
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
