> > 1) To authenticate a user, I need to change the username / password data > I received from the login page a little (i.e. add some "@realm" to the > user or convert the password to some proprietary syntax the backend > uses) before sending it to let's say an ODBC or LDAP backend. What seems > to be the best approach to achieve this? Do I really need to write a new > class (org.jasig.cas.adaptors) or is there another way to change the > credentials before sending them to the backend?
Yes these are called Transformers, unrelated to any particular super hero mythology that allow you to change the userid: http://jasig.github.io/cas/development/installation/Configuring-Authentication-Components.html#principalnametransformer-components Most handlers also have a password encoder property that you can define. > > 2) Is it possible to "try" two or more variants of credentials against > the same backend without doing so within the authentication handler itself? Depends on what you mean by variant. Handlers declare support for a specific hierarchy of credentials. So if you wanted to create your own uid/psw credential class and have it be passed to the LDAP handler for example, then you need to make sure your custom class follows the hierarchy. If on the other hand, you mean to authenticate the collection of [test, test@somewhere, TEST@SOMEWHERE] against a single handler all at once looping through one at a time, then no. You need a custom handler. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
