[cas-dev] PrincipalConverter

[Velpi]

> One of our needs is to provide our unique ID to applications, so both  
> the x509 and the User/Pass auth handlers create a DartmouthPrincipal  
> instead of a standard Principal. This extended class has several  
> extra attributes which are filled in by the DartmouthPrincipal class  
> from the full conical name.

That's certainly a solid solution, but it's not configurable at all, am I right? 
It would be great if another principal like yours could actually be configured 
to replace the default SimplePrincipal (most people don't like to change the 
code to much, certainly because it's usually a (fatal) annoyance when upgrading).

I tend to agree that it doesn't need an extra class like I suggested earlier. 
But then the principal implementation has to be made configurable. Else most 
people won't be able to use it.
For that it seems the CredentialsToPrincipalResolver needs to be enhanced 
(create an abstractCredentialsToPrincipalResolver) so it allows for the type of 
principal to be made configurable. Because of the directory search, the 
principal itself should to be configurable too, so I think it would be better to 
put a principalFactory in between.
This is again pretty close to the principalConverter idea. The difference is 
that in this case the principal itself will do the conversion, but this does 
feel more clean to me.


More thoughts on this?


--Velpi