Folks,
this is just an informational message about the lightweight JSON validation
response for service tickets is available in cas-addons. The successful
validation response contains a set of exposed principal attributes and
basically looks like this:
{"user":"u1",
"authenticationTime":1341844049419,
"attributes":
{"eduPersonAffiliation":"alumni",
"lastName":"One",
"firstName":"User"}
}
Of course there is a SAML validation response already baked in, but over
the years I've noticed a pattern where folks wanted a lightweight response
with attributes and resorted to 'hack' success view JSP to do that. With
this view, there is no need to do that (should one choose to use it).
Simply declare a Maven dependency on 'cas-addons' in the local overlay's
pom, and
configure the view on the /serviceValidate endpoint controller or create a
totally separate validation endpoint, say /jsonValidate, etc:
<bean id="jsonSucessView"
class="net.unicon.cas.addons.response.ServiceValidateSuccessJsonView"/>
<bean id="serviceValidateController"
class="org.jasig.cas.web.ServiceValidateController"
p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"
p:centralAuthenticationService-ref="centralAuthenticationService"
p:proxyHandler-ref="proxy20Handler"
p:argumentExtractor-ref="casArgumentExtractor"
p:successView="jsonSucessView"/>
Of course there is no corresponding support in Java CAS client for this
validation payload, but hey, if someone finds this useful, that could be
added too.
The code is here:
https://github.com/Unicon/cas-addons/blob/master/src/main/java/net/unicon/cas/addons/response/ServiceValidateSuccessJsonView.java
and it should be available in Maven central as cas-addons-0.6 in the few
days.
Cheers,
Dmitriy.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
