We are running CAS with MySQL as the backend. How can CAS be configured
to check the AccountEnabled field in the database and return a warning
to the user if there account has beendisabled. I can see this options
available for LDAP but would like to know if similar functionality is
included within CAS for MySQL.
We are working to provide support for this at the API layer for CAS 4.0,
but there will be no support for that particular feature of MySQL out of
the box.
Can anyone advise me on how to proceed?
The basic sketch is to extend QueryDatabaseAuthenticationHandler or
SearchModeSearchDatabaseAuthenticationHandler to query that field and
construct a suitable Message object that would be placed in the
HandlerResult returned from AuthenticationHandler#authenticate(). The
HandlerResult is preserved all the way back up the authentication API
stack such that the WebFlow layer could react to it. Some source links
to API components for review (in top-down order):
https://github.com/Jasig/cas/blob/feature-new-authn-api/cas-server-core/src/main/java/org/jasig/cas/authentication/AuthenticationManager.java
https://github.com/Jasig/cas/blob/feature-new-authn-api/cas-server-core/src/main/java/org/jasig/cas/authentication/Authentication.java
https://github.com/Jasig/cas/blob/feature-new-authn-api/cas-server-core/src/main/java/org/jasig/cas/authentication/AuthenticationHandler.java
https://github.com/Jasig/cas/blob/feature-new-authn-api/cas-server-core/src/main/java/org/jasig/cas/authentication/HandlerResult.java
https://github.com/Jasig/cas/blob/feature-new-authn-api/cas-server-core/src/main/java/org/jasig/cas/Message.java
I would encourage you to subscribe to cas-dev to follow the discussion
about the new authentication API changes and CAS 4.0 development progress.
M
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
