Hmm, that's an idea, but I'm not sure it will meet their needs, since I think
they may want the principal of an actual user. I'll have to check.
For the sake of testing this though, I tried it out but ran into a problem.
When I uncomment the sample in deployerConfigContext.xml before
BindLdapAuthenticationHandler:
<bean
class="org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler">
<property name="users">
<map>
<entry>
<key>
<value>foo</value>
</key>
<value>bar</value>
</entry>
</map>
</property>
</bean>
I get the following error when I deploy:
2014-09-04 08:51:52,378 ERROR [org.springframework.web.context.ContextLoader] -
<Context initialization failed>
[...] Cannot find class
[org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler] for bean with
name 'org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler#923288b'
defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]; nested
exception is java.lang.ClassNotFoundException:
org.jasig.cas.adaptors.generic.AcceptUsersAuthenticationHandler
I'm not sure why I'm getting class not found.
-baron
On Wed, Sep 03, 2014 at 11:53:32PM -0700, Misagh Moayyed wrote:
>It would be better, if instead of the simple-test handler you configured a
>set of users accepted by the accept-users handler. Configure the usernames
>to be something that could never exist in AD, and put the handler first.
>Then have the management app to authorize accounts based on ldap, rather
>than a hardcoded set of users.
>
>-----Original Message-----
>From: Baron Fujimoto [mailto:[email protected]]
>Sent: Wednesday, September 3, 2014 7:15 PM
>To: [email protected]
>Subject: [cas-user] SimpleTest...AuthenticationHandler & Service
>Management authorization
>
>We'd like to provide some of our developers with the functionality
>available of the SimpleTestUsernamePasswordAuthenticationHandler.
>
>Is there a way to enable this, yet still require a more restrictive
>authentication handler for the users authorized to use the Services
>Management application? Ideally for example, the Services Management app
>would only be available to its enumerated users if they authenticate with
>the BindLdapAuthenticationHandler. Happy to RTFM if pointed to the
>appropriate link in TFM. We're using 3.4.11.
>
>Aloha,
>-baron
--
Baron Fujimoto <[email protected]> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
