> 2. once develop I can use Maven2 Overlay method to injest the new .class > file into the WAR
Your overlay itself should contain the source under src/main/java, and your configuration would live under src/main/webapp. > How do I tell CAS to use the EDIPI > number I extracted from the CN to look up to see if there is an LDAP account > associated with the EDIPI number. This happens naturally. You'll do the LDAP query inside the CtoP resolver component. You'll be given an X509CertificateCredentials object from which you'll get the CN and subsequently EDIPI value for the LDAP search filter. If the search produces a result, you'll return firstname.lastname, UID from the directory, or whatever you want to use for the principal identifier by which the user will be known to CAS clients. If no result is found, return null to flag the authentication machinery that principal resolution failed, which is treated as an authentication failure. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
