Hi I have been reading various links now, but I am still a bit lost on how to do this, because my custom authentication handler receives the additional information from a custom backend and if IIUC one cannot set this additional information as attributes inside the custom authentication directly.
But one rather has to introduce custom credentials class (by overwriting UsernamePasswordCredentials) and append the additional information to the custom credentials inside authenticateUsernamePasswordInternal(...) and then introduce a custom Resolver (by overwriting UsernamePasswordCredentialsToPrincipalResolver) which will make a cast to the custom credentials and hence set for example attributeRepository? Is that the recommended way or do I misunderstand something? Thanks Michael Am 14.10.13 15:29, schrieb Jérôme LELEU: > Hi, > > After a successful authentication, CAS will build an Authentication object > with a Principal. Using the appropriate resolver, you will be able to > populate attributes for your principal. > Here is a good start : https://wiki.jasig.org/display/CASUM/Attributes. > I advice you to search through the mailing list as returning attributes is > a common topic. > Best regards, > Jérôme > > > > 2013/10/14 Michael Wechner <[email protected]> > >> Hi >> >> I have written a custom authentication handler extending >> AbstractUsernamePasswordAuthen**ticationHandler, >> which is working very fine. >> >> When authenticating successfully, then I receive a response like >> >> <?xml version="1.0" encoding="UTF-8"?><cas:**serviceResponse xmlns:cas=" >> http://www.yale.**edu/tp/cas <http://www.yale.edu/tp/cas>"> >> <cas:authenticationSuccess> >> <cas:user>[email protected]</cas:**user> >> >> Is it possible to also customize this response by adding more information >> like for example the firstname and lastname of a user, e.g. >> >> <?xml version="1.0" encoding="UTF-8"?><cas:**serviceResponse xmlns:cas=" >> http://www.yale.**edu/tp/cas <http://www.yale.edu/tp/cas>"> >> <cas:authenticationSuccess> >> <cas:user>[email protected]</cas:**user> >> <custom:firstname xmlns:custom="http://www.** >> wyona.com/custom <http://www.wyona.com/custom>">Alice</**custom:firstname> >> <custom:lastname xmlns:custom="http://www.** >> wyona.com/custom <http://www.wyona.com/custom>">Smith</**custom:lastname> >> <custom:company xmlns:custom="http://www.** >> wyona.com/custom <http://www.wyona.com/custom>">Wyona</**custom:company> >> >> ? >> >> I am asking because then the CAS implementation of my webapp would not >> have to make an additional request to the identity management system in >> order to retrieve firstname, lastname, etc. in order to display when being >> logged in. >> >> Thanks >> >> Michael >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/**display/JSG/cas-user<http://www.ja-sig.org/wiki/display/JSG/cas-user> >> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
