Thanks Misagh, I have configured multiple authenticationHandlers with diferent searchBase. But, for example: - A system with 4 Web Application (Represented by a Group in LDAP Structure) - 3 Users:
User1 is memberOf Group1 and Group2. User2 is memberOf Group3 User3 is memberOf Group3 and Group4 Using multiple AuthenticationHandlers with differents searchBase values, I think this occurs: User1 try to access WebApp3 (Group3), and, all authentication handlers are executed (is that right??), and authenticationHandler 1 (searchBase=cn=Group1,ou=Groups,dc=example) allow the user go to WebApp3. Do you know what I mean? I need to protect the access on each webapplication/group. Any ideas? Thanks!! -----Mensaje original----- De: Misagh Moayyed [mailto:[email protected]] Enviado el: martes, 16 de abril de 2013 14:00 Para: [email protected] Asunto: RE: [cas-user] How to get service parameter in custom AuthenticationHandler? There might be "easier" ways to do this: - use the existing ldap authentication handlers and configure each with the appropriate search base - use a single and existing ldap authentication handler, but expand your search base to include every and all groups Pros and cons to each approach of course. Otherwise, you are going to have modify the service metadata to include the new setting. That said, I think it's interesting to think about how the authentication layer may have access to incoming services. I haven't yet evaluated this thoroughly, but it would potentially prove useful for CAS-1270 [1] Misagh [1] https://issues.jasig.org/browse/CAS-1270 > -----Original Message----- > From: Juan [mailto:[email protected]] > Sent: Tuesday, April 16, 2013 2:24 AM > To: [email protected] > Subject: [cas-user] How to get service parameter in custom > AuthenticationHandler? > > How to get service parameter Single Sign On (Jasig CAS) LDAP Hi All!! > I want to create a custom AuthenticationHandler (Something like > BindLdapAuthenticationHandler) to modifify searchBase Attribute for > lookup LDAP, but, i haven't found the right way to get 'service' > paramater and determine the searchBase property > (ou=Group1,dc=example,dc=com when service is WebAppUrl1 and > ou=Group2,dc=example,dc=com when service is WebAppUrl2). > > Any ideas? Thanks in advance! > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access > archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
