Re: [cas-user] Using the username field pre-authentication to do home realm discovery?

2023-12-04 Thread Ray Bon 
Sean,

If you have multiple authentication sources (cas.authn. properties), cas will 
check each one for the username, and stop when when authn completes. This will 
work if each username is unique across realms or you can put authn sources in 
an order that would catch users, in multiple realms, with their main realm.

I seem to remember a discussion on the list about two step authn (enter 
username on one page, then password on the next).

Ray

On Mon, 2023-11-27 at 18:45 -0800, Sean F wrote:
Notice: This message was sent from outside the University of Victoria email 
system. Please be cautious with links and sensitive information.

Hi. I'm curious if CAS can be used to do home realm discovery after the user 
enters their username?

My proposed workflow would be:

1. User enters a username
2. The authentication strategy would depend on what the user entered by looking 
up the username with a REST service (or some other strategy)
3. One type of username would use LDAP authentication, a different type of 
username would be sent to Azure AD to complete the authentication.

Thanks!

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6e7d2276f6d7cc4edd10ed56e4c7c480ceed43f1.camel%40uvic.ca.

Re: [cas-user] Using the username field pre-authentication to do home realm discovery?

2023-11-28 Thread Mohamed Amdouni 
Hello,

I think that it could be possible using pac4j (cas delegated
authentication) and you choose the dynamic type with some groovy scripts :
https://apereo.github.io/cas/6.5.x/integration/Delegate-Authentication.html

But I don’t know if you can process the ldap authentication with the same
cas instance or you can delegate to a second instance. To test…

Best regards

Le mar. 28 nov. 2023 à 05:51, Sean F  a écrit :

> Hi. I'm curious if CAS can be used to do home realm discovery after the
> user enters their username?
>
> My proposed workflow would be:
>
> 1. User enters a username
> 2. The authentication strategy would depend on what the user entered by
> looking up the username with a REST service (or some other strategy)
> 3. One type of username would use LDAP authentication, a different type of
> username would be sent to Azure AD to complete the authentication.
>
> Thanks!
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/7612de9b-7aa5-4622-8d0f-77491100n%40apereo.org
> 
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CALmwvcYTZRoWY%2B0p2DvVCLSjY1emfKXtgyufCw32Bokrufz-9A%40mail.gmail.com.

[cas-user] Using the username field pre-authentication to do home realm discovery?

2023-11-27 Thread Sean F 
Hi. I'm curious if CAS can be used to do home realm discovery after the 
user enters their username?

My proposed workflow would be:

1. User enters a username
2. The authentication strategy would depend on what the user entered by 
looking up the username with a REST service (or some other strategy)
3. One type of username would use LDAP authentication, a different type of 
username would be sent to Azure AD to complete the authentication.

Thanks!

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7612de9b-7aa5-4622-8d0f-77491100n%40apereo.org.