The problem with this approach is that cookies (if correctly used) can only be read by the service that creates them. So CAS setting a cookie won't allow your other service to read it, only CAS will be able to read it.
Your best bet is to: 1. Use CAS for authentication and then have your other service query LDAP directly since it knows the user. 2. Use attribute release from CAS so the other service receives those LDAP attributes as part of the CAS process, in addition to the authenticated username. Both are very common setups, 1 very much so. cheers, Steve On 05/03/2012, at 12:11 PM, Bill Scully wrote: > Hi, > > I'm new to CAS, have a working instance with authn to LDAP, but would like to > know if it's possible to store LDAP attributes in a CAS Cookie so that they > can be interrogated by another service? If so, would you mind pointing me to > info. on how I can set this up? > > Thanks for taking the time to read this and any help you can offer. > > Bill > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
