Sarah, You can add an AuthenticationMetaDataPopulator implementation to the AuthenticationManager that will place an arbitrary attribute into an Authentication object's attributes map. From there, merely modify the view that generate's the XML response to retrieve the attribute value and place it in your custom XML. The view is in a JSP file in the WEB-INF/views/jsp/protocol/2.0 directory.
And of course, modify your clients to understand it ;-) -Scott On 6/6/07, Sarah Arnott <[EMAIL PROTECTED]> wrote:
Hi guys, I know this was discussed on the list last year (http://tp.its.yale.edu/pipermail/cas/2006-February/002168.html) but I'm just wondering exactly how Rutgers and Dartmouth implemented it. Our situation here at Memorial is very similar to Dartmouth College's - we want to authenticate prospective students (and other guests) with CAS and protect our sensitive applications by requiring not only a CAS authentication ticket but an "authentication method" assertion as well. I know CAS 3.1 supports SAML but we're at version 3.0.7, plus it would be nice if this could be implemented such that it won't break the clients and we could modify specific clients to check for the assertion. I can see a few ways of implementing this (e.g. create a new Principal and UsernamePasswordCredentialsToPrincipalResolver classes) but I'm curious to see how you guys did it. TIA, Sarah _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
