Sent from my iPhone
On Jan 7, 2013, at 16:49, "Ken Maruyama" <[email protected]> wrote: > Hi Dmitriy, > > I'm trying to follow your suggestion, but have some questions. > > First, when you say I should create a interface/impl, do you mean to create a > implementation of AuthenticationHandler? No. I mean a separate API/Impl from core CAS API. In other words a custom API which should plug into the CAS login webflow. > > > Second, does adding additional action means adding a <bean> property in the > authenticationHandlers section of the deployerConfigContext.xml? It would be a custom state definition in login-webflow.xml as well as any custom beans in WEB-INF/spring-configuration. > uthenticationManagerImpl"> > <property name="credentialsToPrincipalResolvers"> > <list> > <bean > class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver"> > <property name="credentialsToPrincipalResolver"> > <bean > class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" > /> > </property> > <property name="filter" value="(uid=%u)" /> > <property name="principalAttributeName" > value="XXXXXXXXXXXXXX" /> > <property name="searchBase" value="o=XXXXXX,c=XXXXXX" /> > <property name="contextSource" ref="contextSource" /> > <property name="attributeRepository"> > <ref bean="attributeRepository" /> > </property> > </bean> > <bean > class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"> > > <property name="attributeRepository" > ref="attributeRepository" /> > </bean> > <bean > class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" > /> > </list> > </property> > <property name="authenticationHandlers"> > <list> > <bean > class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" > p:httpClient-ref="httpClient" /> > <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" > p:filter="uid=%u" p:searchBase="o=XXXXXXXXX,c=XXXXXXX" > p:contextSource-ref="contextSource" /> > </list> > </property> > </bean> > <sec:user-service id="userDetailsService"> > <sec:user name="@@THIS SHOULD BE REPLACED@@" password="notused" > authorities="ROLE_ADMIN" /> > </sec:user-service> > <bean id="attributeRepository" > class="org.jasig.services.persondir.support.StubPersonAttributeDao"> > > <property name="backingMap"> > <map> > <entry key="uid" value="uid" /> > <entry key="eduPersonAffiliation" > value="eduPersonAffiliation" /> > <entry key="groupMembership" value="groupMembership" /> > </map> > </property> > </bean> > <bean id="serviceRegistryDao" > class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> > <property name="registeredServices"> > <list> > <bean class="org.jasig.cas.services.RegexRegisteredService"> > > <property name="id" value="0" /> > <property name="name" value="HTTP and IMAP" /> > <property name="description" > value="Allows HTTP(S) and IMAP(S) protocols" /> > <property name="serviceId" > value="^(https?|imaps?)://.*" /> > <property name="evaluationOrder" value="10000001" /> > </bean> > </list> > </property> > </bean> > <bean id="auditTrailManager" > class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" /> > <bean id="healthCheckMonitor" > class="org.jasig.cas.monitor.HealthCheckMonitor"> > <property name="monitors"> > <list> > <bean class="org.jasig.cas.monitor.MemoryMonitor" > p:freeMemoryWarnThreshold="10" /> > <bean class="org.jasig.cas.monitor.SessionMonitor" > p:ticketRegistry-ref="ticketRegistry" > p:serviceTicketCountWarnThreshold="5000" > p:sessionCountWarnThreshold="100000" /> > </list> > </property> > </bean> > <bean id="contextSource" > class="org.springframework.ldap.core.support.LdapContextSource"> > <property name="pooled" value="false" /> > <property name="url" value="ldaps://XXXXXXXXX:636" /> > <property name="baseEnvironmentProperties"> > <map> > <entry key="com.sun.jndi.ldap.connect.timeout" > value="3000" /> > <entry key="com.sun.jndi.ldap.read.timeout" value="3000" /> > <entry key="java.naming.security.authentication" > value="simple" /> > </map> > </property> > </bean> > </beans> > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
