It would be better, if instead of the simple-test handler you configured a set of users accepted by the accept-users handler. Configure the usernames to be something that could never exist in AD, and put the handler first. Then have the management app to authorize accounts based on ldap, rather than a hardcoded set of users.
-----Original Message----- From: Baron Fujimoto [mailto:ba...@hawaii.edu] Sent: Wednesday, September 3, 2014 7:15 PM To: cas-user@lists.jasig.org Subject: [cas-user] SimpleTest...AuthenticationHandler & Service Management authorization We'd like to provide some of our developers with the functionality available of the SimpleTestUsernamePasswordAuthenticationHandler. Is there a way to enable this, yet still require a more restrictive authentication handler for the users authorized to use the Services Management application? Ideally for example, the Services Management app would only be available to its enumerated users if they authenticate with the BindLdapAuthenticationHandler. Happy to RTFM if pointed to the appropriate link in TFM. We're using 3.4.11. Aloha, -baron -- Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services minutas cantorum, minutas balorum, minutas carboratum desendus pantorum -- You are currently subscribed to cas-user@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
