We currently have CAS configured as a SSO gateway for a test implementation of Google Apps. Everything is working great, except that we do not want our primary net ID to be the default email address used within GMail. After speaking with Google, they recommend passing the preferred email address within the SAML request. Is it possible to configure the CAS ArgumentExtractor to take a field from AD/LDAP and pass it along in the SAML request for Google to use? If so, how would we go about doing that?
Here is the Google response to our initial inquiry: As for your question about usernames being different from email addresses. This is something that you can do with our Single Sign On API. It will be included in the code that you develop, but basically, you will authenticate off of your system, we will never see that user name and when you send the token back to us it will include the email address that you have assigned. I have included documentation on the API below. Let me know if you have additional questions after looking at it, and I can have you consult a technical specialist.� Single Sign On API -� [ http://code.google.com/apis/apps/sso/saml_reference_implementation.html ]http://code.google.com/apis/apps/sso/saml_reference_implementation.html Thank you for your time, ## Isaac Davis-King ## Web Programming Specialist ## California State University, Monterey Bay ## (831) 582-3869 [EMAIL PROTECTED]
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
