The intention of the wiki page is to describe the process needed for one to retrieve attributes (i.e. authorization information) from a DB, and pass them back to a client application, whereby you could then take advantage of the HTTP request to determine whether a particular agent is decorated with a role (attribute). This would work regardless of your authentication source, as the attribute retrieval mechanism (or what you refer to as authorization info) could really come from anywhere and is not at all tied to how you authenticate.
The intention here is that the application client would be the authority making authz decisions. CAS simply releases the data needed for those decisions. On the other hand, if you would need CAS to be able to make those decisions for you based on the premise of a principal carrying a particular attribute value, then this might also be useful to review: https://github.com/Unicon/cas-addons/wiki/Role-Based-Services-Authorization -Misagh ----- Original Message ----- From: "Idan Fridman" <[email protected]> To: [email protected] Sent: Sunday, October 27, 2013 8:40:41 AM Subject: RE: [cas-user] Cas authentication against LDAP authorization against DB My intention was to keep the authentication against the LDAP and having authorization against database and return all that information to the web application client. Wonder if CAS could provide that? Thanks. From: Idan Fridman Sent: Sunday, October 27, 2013 10:11 AM To: '[email protected]' Subject: RE: [cas-user] Cas authentication against LDAP authorization against DB This article explain how to take authorization information from DB. But I am able to authenticate against LDAP as well? Thanks. From: Misagh Moayyed [ mailto:[email protected] ] Sent: Thursday, October 24, 2013 8:22 PM To: [email protected] Subject: Re: [cas-user] Cas authentication against LDAP authorization against DB See this please: https://wiki.jasig.org/pages/viewpage.action?pageId=47874068 -Misagh From: "ray" < [email protected] > To: [email protected] Sent: Thursday, October 24, 2013 6:43:07 AM Subject: [cas-user] Cas authentication against LDAP authorization against DB Hi, I would like to know if this scenario on CAS is possible to configure: 1. Getting user information from LDAP server. 2. To get authorization information(roles,permission) from the database. 3. Return all data to the web application client. Our web application is based on Spring security. Thanks, ray. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
