I am no Java expert, but it seems like part of the answer could be the 
ChainingPrincipalResolver[1].  From the docs:

    * A common use case for this component is resolving a temporary principal ID from an X.509 credential followed by
    * a search (e.g. LDAP, database) for the final principal based on the temporary ID.

That sounds like your scenario, if "search" == "web service".

Thanks,
Carl Waldbieser
ITS Systems Programmer
Lafayette College

[1] https://github.com/Jasig/cas/blob/master/cas-server-core/src/main/java/org/jasig/cas/authentication/principal/ChainingPrincipalResolver.java

----- Original Message -----
From: "Al Krinker" <[email protected]>
To: [email protected]
Sent: Wednesday, August 13, 2014 4:34:09 PM
Subject: [cas-user] Chaining two separate authentications together

I have this issue where I need to authenticate the user by either X.509 
certificate or LDAP. No problem...

Next step, if the user was authenticated correctly, I need to look him up in our 
internal lookup system, which is a web service, to retrieve his role. 
Unfortunately, I can't add his roles to LDAP or to the cert. So I need to make 
another WS or RESTful call if the user was successfully authenticated.

Any ideas? Thank you!
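
The chaining pattern the quoted documentation describes, as an added example that is not part of the original thread and is not CAS code: the first link turns the authenticated ID into a temporary principal, and the second looks up roles for that ID. The types, the `roleService` function and the fail-closed handling are assumptions of this sketch, not the CAS API.

```java
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.function.Function;

// Added example: simplified stand-in types, NOT the CAS classes. Needs Java 16+ (records).
public class ChainedResolutionDemo {
    record Credential(String id) {}
    record Principal(String id, Map<String, List<String>> attributes) {}
    interface Resolver { Principal resolve(Credential c); }

    // Link 1: temporary principal from the already-authenticated ID (X.509 subject or LDAP uid).
    static final Resolver TEMPORARY =
        c -> new Principal(c.id().trim().toLowerCase(Locale.ROOT), Map.of());

    // Link 2: final principal with roles; roleService is a hypothetical stand-in for the web service.
    static Resolver withRoles(Function<String, List<String>> roleService) {
        return c -> {
            List<String> roles;
            try {
                roles = roleService.apply(c.id());
            } catch (RuntimeException e) {
                return null; // lookup failure: fail closed, never a role-less login
            }
            if (roles == null || roles.isEmpty()) return null; // unknown user: no principal
            return new Principal(c.id(), Map.of("roles", List.copyOf(roles)));
        };
    }

    // Each link receives the ID resolved by the previous link; a null result stops the chain.
    static Principal resolveChain(List<Resolver> chain, Credential authenticated) {
        Credential input = authenticated;
        Principal result = null;
        for (Resolver link : chain) {
            result = link.resolve(input);
            if (result == null) return null;
            input = new Credential(result.id());
        }
        return result;
    }

    public static void main(String[] args) {
        Map<String, List<String>> constructedRoles = Map.of("jdoe", List.of("auditor")); // sample data
        List<Resolver> chain = List.of(TEMPORARY, withRoles(constructedRoles::get));
        System.out.println(resolveChain(chain, new Credential(" JDoe ")));  // user known to the role service
        System.out.println(resolveChain(chain, new Credential("mallory"))); // user absent from the role service
    }
}
```

The second link only ever sees the ID produced by the first, so the role lookup is keyed on the identity that authentication established rather than on anything the client supplies.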