The CAS server web application session should be distinct from the session of any application that is a client of CAS authentication.
You would typically use a CAS client like the CASFilter to make your application a client of CAS, and that client will have a capability to put the authenticated username someplace the rest of your application can get at. For instance, the CASFilter puts it in the session and optionally wraps the request such that request.getRemoteUser() returns the authenticated username. Since your application's session and the CAS server's session are distinct, I don't see how it would help to implement in your handler (I presume, CAS server AuthenticationHandler) behavior for storing the authenticated username in a session. Maybe I have misunderstood your question? Andrew > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Leonardo Otoni de Assis > Sent: Tuesday, January 30, 2007 1:59 PM > To: [email protected] > Subject: userPrincipal > > Hi everyone. > > I am testing the server cas version 3.0 in environment tomcat 5.5.9 + > jsdk 1,5 and am having success with the implementation of a handler for > authentication of users and basic configuration of a Java Client that > until this moment is correctly redirecting the requests for cas server > and returning for the protecting application. My doubt is with the > userPrincipal object that cas does not include in the session. I ask: > which the better way to place this object in the user session? > To create a specialized filter in my application or to implement in my > handler's class a method to include the userPrincipal in the session? > Somebody would have some example? > > Thanks a lot, > > -- > > Leonardo Otoni de Assis > Desenvolvimento Java - Produto eCompany > Powerlogic Consultoria e Sistemas S/A > (31) 3286-1691 > [EMAIL PROTECTED] > > > -- > Esta mensagem foi verificada pelo sistema de antivĂrus e > acredita-se estar livre de perigo. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
