Bill, In theory, this should work. An alternative is to utilize a ThreadLocal to collect the information and then persist it when all of the information is available.
I.e. utilize a filter to create/cleanup the ThreadLocal and use EventHandlers to construct the Logged message in the thread local and also use them to persist the message if all of the information is there. -Scott On 6/5/07, Bill Bailey <[EMAIL PROTECTED]> wrote:
Scott et al, I think I may have solved my problem with the IP address at least in theory. Since I will know the username and the IP of the request in the HttpRequestEvent, I can simply update the registry with this information, but indicate that status of the authentication attempt is unknown. Then I can update the record as status=Authenticated once I get the AuthenticationEvent. Then finally, I can update the registry again when the Ticket Granting Ticket and each Service Ticket is issued. The downside is that multiple web service calls to my registry will be required to assemble the data piecemeal, but it avoids the need to modify CAS in any way. I will just have to make the client API to my registry smart enough to list only the relevant users and associated information (e.g. only those users who have been authenticated OR those users who have been issued a service ticket for a particular service). Does this sound reasonable? Is there anything about the event handling mechanisms that might cause this not to work as I expect or influence the implementation (e.g. what order are the events fired in)? Thanks again. Bill Bailey Senior Developer / DBA Northland, A Church Distributed _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
