Hi
I'd really appreciate some help with the following:
1) Can CAS be configured to populate this Principal object (using a
UserDetailsService perhaps?) by making changes only to the config in the CAS
server
webapp?
2) ...or do I need to add ACEGI to all of my existing apps, and do the
authorization within them.
3) I need to catch specific error messages when logging in e.g. password
expired etc etc. Can this be done in CAS? If not, a suggestion as to how this
can be achieved would be great.
I would like to avoid 2) if possible because I want to make minimal changes to
the existing apps. (aside from adding the filter config)
As some background info, I've got about 10 legacy webapps to protect. They are
running in Tomcat, and although some of them use Spring etc, most of them are
non-spring, so adding ACEGI/Spring Security to them would be difficult.
I've set up CAS to act as my SSO and it authenticates against our LDAP server,
and this works OK. It successfully blocks access to a couple of apps I have
configured to use the CAS filter
All of the apps require a Principal object to be stored in the session for a
logged in user. This contains the users' roles, which the apps use to make
authorization decisions.
Thanks
Richard
_________________________________________________________________
Search and win with BigSnapSearch.com
http://www.bigsnapsearch.com
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
