Hi, Is there a clean or recommended way for an authentication handler (custom one extending AbstractUsernamePasswordAuthenticationHandler) to feed data back to the CAS client, beyond accept/reject?
Example: user authenticates as "bob" with password "cow". I'd like to return their email address and assorted other data so the calling CAS client can make full use of its local functionality. Other example: return authorization/permissions info beyond just authentication (allow feature1, deny feature2). Anyone know a clean way to do that? As a workaround, is there a way for an AH to get the servlet container and set a cookie that (given correct cookie scope) the caller could honor? Obviously the cookie would be subject to user modification. Troy _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
