[cas-dev] CAS-488
Marvin S. Addison
serac at exchange.vt.edu
Wed Jun 13 10:51:29 EDT 2007
> Is that a direct replacement for the existing
> CredentialsToPrincipalResolver
Replacement. It was my intention to preserve the existing functionality
of translating one principal ID to another while adding new
functionality to allow additional attribute population. It may be a bit
klunky to require the principalAttributeName property if all you want is
a way to populate attributes from LDAP, but it's easy enough to specify
the same principal name as the current one. (This is exactly what I did
for testing.) In both cases, you're querying LDAP for attributes, so
the operations are related from an implementation perspective. Perhaps
there is a parent-child class relationship here, but it seems good
enough to leave the two features comingled in one class for now. We
actually have a use case for both features simultaneously: our X.509
certs have a numeric ID on them, and we need to translate that to the
alphanumeric user ID as well as loading user attributes.
If you'd like me to make any changes to the code I submitted, I'd be
pleased to do so.
Regards,
M
More information about the cas-dev
mailing list