There is also a page that shows how values from a database can be provided as attributes that allow the use of isUserInRole(): https://wiki.jasig.org/display/CASUM/HOWTO+utilize+javax.servlet.http.HttpServletRequest+isUserInRole%28+java.lang.String+role+%29
On Mon, Aug 1, 2011 at 11:24 AM, Marvin Addison <[email protected]> wrote: >> Does a similar capability exist with CAS, e.g. a way to map a list of >> usernames as having authorization to access a given service url? > > Authorization does not exist in CAS per se, but you can deliver > attributes to CAS services using the attribute release feature, > https://wiki.jasig.org/display/CASUM/Attributes. Then the CAS client > consumes these attributes in some meaningful fashion, e.g. for > authorization. There's a patch to mod_auth_cas, > https://issues.jasig.org/browse/MAS-60, to allow the attributes to be > treated as authorization constraints very similar to what you've done > with PubCookie. > > Take a look at the references I cited and let me know if you need further > help. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
