I am new to CAS ( central authentication service ) , I want to use windows active directory as authentication server , I have finished to setup maven for debug use , I just find the below guidelines how to setup active directory for CAS , but I am fool and can not setup it , it is too simple procedure , would advise the more detailed procedure how to setup it , or is there step-by-setup procedure to setup it ? very thanks
https://wiki.jasig.org/display/CASUM/Active+Directory 2014-05-09 14:03 GMT+08:00 Auke van Leeuwen <[email protected]>: > Hello, > > I'm rather new to CAS and figuring out how to do stuff correctly in > CAS :-). I've created an AuthenticationHandler that handles a simple > username password credential, however due to legacy code that > credential does not carry a unique ID of that authentication. The > 'username' of this credential might be an e-mailaddress or a username > for example. > > So when I got the point of 'enriching' the principal with some > additional metadata I was surprised to see that that resolver got the > same credentials as the authentication handler. I mean that means that > I have to re-run the code that I have in my authentication handler > again right? I can understand that by the time you reach the principal > resolver and you have a credential that carries a unique ID this is > rather straightforward, you can probably get the rest of the metadata > rather quick based on this unique ID (for example email address). But > not so in my case. Due to the fact that the underlying data is rather > polluted I can even have multiple accounts with the same email address > where only the password differentiates :-S. Cleanup will eventually > happen, but it needs to work in the meantime as well. > > Because the authentication handler actually returns a HandlerResult > that carries a credential as well I thought I could simply create my > own credential at that point (let's say I create an > IdUsernamePasswordCredential), but this credential isn't passed to the > resolver, only the original credential is. > > Relevant code in the AuthenticationManager: > --- > final HandlerResult result = handler.authenticate(credential); > ... > resolver = this.handlerResolverMap.get(handler); > if (resolver == null) { > principal = result.getPrincipal(); > logger.debug( > "No resolver configured for {}. Falling back to handler > principal {}", > handler.getName(), > principal); > } else { > principal = resolvePrincipal(handler.getName(), resolver, credential); > } > --- > > Basically I was expecting the second to last line to use > 'result.getPrincipal()' instead of just 'credential'. > > The lookup of the principal in the authenticationhandler is also > rather slow :-|. I see that if I don't set a resolver I can enrich the > principal in the authentication handler myself and eventually that > principle will be used, but it doesn't seem 'correct'. > > Any other ideas? > > Auke > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
