Hi Marvin,
Let's say I have these two Resolvers in my deployerConfigContext.
1. <bean
class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
2. <bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
Now, how is it decided that a particular request should use (1) or (2) above?
Where is that if/else? May be login-webFlow?
I want to configure something like this:
//---------
If the request has a pre-authenticated ticket from a (remote) parentCAS,
use (1);
else if the request does not have a ticket,
use (2);
else
no authentication required (assume the user has already been authenticated
locally)
//--------
How can I achieve this goal?
Thanks for your attention.
--- On Wed, 2012/2/8, [email protected] <[email protected]> wrote:
Thanks, Marvin.
It is encouraging to know that it may be possible to develop that component.
--- On Wed, 2012/2/8, Marvin Addison <[email protected]> wrote:
> Authentication based not on username/password combination, but based on some
> attributes.
I've lost some of the context of your discussion of parent/child CAS.
If you want to model access to one domain from another as an
authorization decision, which seems reasonable to me at face value,
then the attribute release mechanism of CAS should work nicely. One
of its primary design functions is to facilitate authorization.
> I don't see "CredentialsToMySQLAttributePrincipalResolver" when I google.
Doesn't exist, but C-To-P resolvers are fairly straightforward
components to develop to suit your needs.
M
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
