We'd have to modify the RadiusAuthenticationHandler to throw an exception if "Access Denied" is detected. Is this something that is generalizable? If so, please open a JIRA issue (and a pull request if possible)
Thanks! Scott On Wed, Sep 19, 2012 at 5:27 PM, cp <[email protected]> wrote: > Hi All, > > I'm evaluating a CAS server 3.4.12 with RADIUS authentication back end. > Everything works smoothly. > Then I tried to "implement" a "fall back" mechanism, if the radius server > is not available use a "local" authentication, this is jdbc based in my > case, radius password is different from jdbc password. > > I have partly accomplished this by adding two authentication handlers in > the authentication manager and effectively if radius server is down I can > use the jdbc password to access. > > The problem is that even if the radius server is up and I use the jdbc > password, I login successfully. > In other words for the RadiusAuthenticationHandler: "access denied" and > "server down" conditions are the same, and I want to fall back to jdbc > handler only if the server is down, and not be authenticated if and "access > denied" is returned from radius server. > > I'm wondering if there's a chance to implement this behavior in the > RadiusAuthenticationHandler. > > Regards, > Cesare > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
