Historically CAS does not focus on authorization, that is left to the client applications. Unicon has developed an add-on [1] that can do some basic checking, but I don't know if it has been migrated to support 4.0 yet. You might be able to use it as an outline to help you.
[1] https://github.com/Unicon/cas-addons/wiki/Role-Based-Services-Authorization --- *John Gasper* IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef On 1/23/15 1:38 AM, Yannick MOLINET wrote: > > Hi all, > > > > I have successfully configured a CAS Server 4.0.1 with two LDAP > sources (one AD, one LDAP), with mod_auth_cas, mod_jk. > > I want to authenticate my users on two different webapp. > > > > In my point of view, I think to allow access to a specific webapp if > the user is in correct group (grp_webapp1 or/and grp_webapp2). > > The two apps are publish like http://server/webapp1 and > http://server/webapp2 <http://server/webapp2>. > > > > Is it possible to grant acces to a webapp throw the CAS is the user is > in a correct group ? > > > > Sorry for my poor english, > > Thanks, > > Yannick > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
