Simon, Could you direct this question to the uportal-user list?
Thank you, -Eric Simon Farrell wrote:
Hi,I'm authenticating a community of uPortal 3.01 end users against Shibboleth. At authentication time I extract group memberships from the HTTP headers and cache them as IPerson attributes. I've set up a 1:1 mapping between PAGS groups and Shibboleth groups. I hoped I could simply override PersonAttributesGroupStore.contains() to validate group membership based on these attributes but (I guess by design) there seems to be no way to access the authenticated IPerson object from the PAGS classes.Can anyone suggest another way to map users to groups without using a persistent datastore? Because authentication is federated, I can't always map users to a remote LDAP directory or RDBMS instance; I get access to the membership information only at the point of authentication, contained in HTTP headers.Thanks in advance!
smime.p7s
Description: S/MIME Cryptographic Signature
