Well, probably a bit hackish, but the following modification got the proof
of concept going.
./cas-server-support-trusted/src/main/java/org/jasig/cas/adaptors/trusted/web/flow/PrincipalFromRequestRemoteUserNonInteractiveCredentialsAction.java
From:
final String remoteUser = request.getRemoteUser();
To:
final String remoteUser = request.getHeader("OAM_REMOTE_USER");
Anyone see any major problems with that from a security perspective?
Thanks,
D
On Thu, Dec 11, 2014 at 7:15 PM, deejam <[email protected]> wrote:
>
>
> Hey Everyone, I'm Experimenting with the cas-server-support-trusted auth
> method. I have it setup and working with a slightly old version (3.4.12.1).
> I have been digging around for a while looking for a way to configure the
> resolver to get the user from OAM_REMOTE_USER (set by a oracle webgate
> module) instead of REMOTE_USER. I couldn't find if this was configurable or
> if some custom code was needed.
>
> I'm also looking to see if we can get the oam webgate to set REMOTE_USER
> instead of OAM_REMOTE_USER.
>
> Thanks much for any pointers!
>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
