Excellent, Thanks. I will look into JOSSO right away...although my question was pertaining to Yale CAS. Returning XML is indeed a good idea if you wish to build a custom client to use it. However, Yale CAS provides a client which should be able to consume anything that the server throws at it (XML or whatever).
If this is possible, then I think it is just a matter of some clever filter-chaining within web.xml to get from Yale CAS login to tomcat role-based login. I was just wondering if anyone had already done that and if I am able to do it, I will certainly post here. Regards, Uday Kari -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ding Kai-Jian Sent: Tuesday, April 24, 2007 10:27 AM To: [email protected] Subject: Re: Return More than User Name Uday Kari <[EMAIL PROTECTED]> writes: > > Indeed, I am VERY interesting in this capability as well (that is > returning more than just username). > > Specifically, the servlet specification seems to suggest that HTTP > request needs to > > A) return the login username as a result of request.getRemoteUser() > B) return "true" for request.isUserInRole("rolename") > C) return non-null UserPrincipal object for request.getUserPrincipal() > > Is there a way to do this "roles-aware" type of login using Yale CAS > server/client out-of-the-box for tomcat? Yes, there is out-of-box support for this within tomcat. JAAS is based on role. And I know josso(another opensource sso product) dose just what you said based on JAAS and tomcat. Do you mean CAS 3.1 M3 or later will support doing like that? But I still think returning extra info using xml (casServiceValidationSuccess.jsp??) is a better idea. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
