Cool! The quickest way to finding the answer yourself is apparently to send an email looking for the answer ;-)
On Thu, Sep 22, 2011 at 9:16 AM, John Davis <[email protected]> wrote: > Thanks Scott > > Just a few minutes after I sent my note I thought that overriding that > class/method might do the trick, and it looks like it will. > > For anyone that's interested, the TicketResource class (or whichever one > you want to use), is defined in WEB-INF/restlet-servlet.xml. I've extended > TicketResource.java and overriden one method which will create Credentials > based on the username - currently it just creates the usual Credentials but > you get the idea :) > > @Override > *protected* Credentials obtainCredentials() { > *final* RestletWebRequest webRequest = > *new*RestletWebRequest(getRequest()); > > String username = webRequest.getParameter("username"); > String password = webRequest.getParameter("password"); > > // create *Credentials* depending on *username* > *final* UsernamePasswordCredentials c = > *new*UsernamePasswordCredentials(); > c.setUsername(username); > c.setPassword(password); > > *return* c; > } > > > > > > From: Scott Battaglia <[email protected]> > To: [email protected] > Date: 22/09/2011 14:04 > Subject: Re: [cas-user] Advice on multiple authentication handlers > and REST > ------------------------------ > > > > The REST API does not fix you to using only UsernamePasswordCredentials. > > See API: > * > https://github.com/Jasig/cas/blob/master/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java#L87 > *<https://github.com/Jasig/cas/blob/master/cas-server-integration-restlet/src/main/java/org/jasig/cas/integration/restlet/TicketResource.java#L87> > > Cheers, > Scott > > > On Thu, Sep 22, 2011 at 7:40 AM, John Davis > <*[email protected]*<[email protected]>> > wrote: > Hi all, > > I want to use three separate handlers, which one is used depends on the > format of the Principle (e.g. the username). We call CAS using REST, which > appears to fix us to using only UsernamePasswordCredentials, so I can't use > different Credentials implementations and then select which authentication > using the supports() method. I thought instead that I could examine the > username in the supports() method of each authenticator but unfortunately > that method is final in AbstractPreAndPostProcessingAuthenticationHandler. > > I think my choices are either to create my own > AbstractPreAndPostProcessingAuthenticationHandler, or not use supports() and > instead work out if the credentials are supported in the > authenticateUsernamePasswordInternal() method. > > I'm leaning towards the first option, but just thought I'd see if anyone > has any suggestions. > > cheers, john > -- > You are currently subscribed to > *[email protected]*<[email protected]>as: > *[email protected]* <[email protected]> > To unsubscribe, change settings or access archives, see * > http://www.ja-sig.org/wiki/display/JSG/cas-user*<http://www.ja-sig.org/wiki/display/JSG/cas-user> > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
