Gaetan Dardy wrote : > Hi, > > I've got several questions to ask : > + I'm using LDAP attributes through the bean "attribRepository" and the > manage.html page shows me the attributes when adding a new service. So I > suppose these attributes do exist in the CAS reply. Of course, i'd like > to use the attributes, especially with the PHP client. After reading the > phpCAS code, I assume it is not yet possible. Is it true ?
Even if CAS does store and manage user attributes, only SAML allow standard use of attributes in CAS. If you don't want to go for SAML, you can still develop your own ServiceValidateController to extend the CAS 2.0 protocol or rely on a WebService ... In these former cases, you'll need to adapt your client API to interpret this non standard protocol. > + I also assume that the attributes are sent in the ST, maybe de TGC > (with luck), am I right ? Nop, TGC and ST do not store any personal information they are just random /pointers/ to the Principal object stored in CAS. > + Is it possible to easily "read" this reply in order to check the > attributes without using JSP and themes ? IMO, themes won't help. You'd better use WebService or a ServiceValidateController or a /view/ of a ServiceValidateController. > + Is it possible to have more documentation on SAML 1.1 and the way CAS > manage it (http://www.ja-sig.org/wiki/display/CASUM/SAML+1.1) ? > +Moreover I'd like to know how CAS deployers had dealt with attributes > before, for example, to distinguish students from teachers for one page. > How to provide the right page, using another API outside CAS after > authentication ? We've chosen a WebService for the extended validation of ST. But SAML is the standard way for this. Note: this subject has been highly discussed in the list. If you haven't yet, browse the archive for more advices... Romain > > Sorry to bother the list with so many questions. > Thanks, > > Regards, > > Gaëtan Dardy. > SENTIER-Université Lyon 2. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
