Hi, You're right : that's an option.
That said, I would prefer the centralized approach (in the CAS server). Let's say your society merge with another one and that you have now two LDAPs to query (to get the roles): what would be the best strategy ? Upgrade all your client applications or just upgrade your CAS server ? Best, Jérôme -- View this message in context: http://shiro-user.582556.n2.nabble.com/How-shiro-cas-could-get-the-user-authorization-info-tp7579334p7579337.html Sent from the Shiro User mailing list archive at Nabble.com.
