[cas-dev] Retrieve Principal Id in an ActionState

[Daniel Almeida]

Hi,

I'm writing an ActionState to add to the CAS Webflow, which has to check 
after the user authenticates correctly if his password is expired, is 
expiring (in less than 30 days), or if it's OK.

We're using 3 different authentication handlers:

- An username/password authentication handler that queries our Kerberos
- X.509 Authentication Handler
- SPNEGO Authentication Handler

And use LDAP to resolve the Principal from the credentials.

When a password is expiring or has expired, we want to redirect the user 
to a password change web page, passing as parameters the Principal Id 
and the original service URL, so we can warn the user that his password 
is expiring or that it has expired, and maintain the context (the 
service where the user was authenticating).

This is mandatory, regardless of the authentication handler/method used, 
and we only give a TGT  after this check and only if the password is OK 
or expiring in < 30 days.

The problem is that we can't "get" the principal Id in the ActionState 
we're writing, that looks like:


public final class ISTChangePasswordWebpageAction extends AbstractAction {
	
     private String istid;
     private String serviceURL;


	protected Event doExecute(RequestContext context) {
		
		
	  try{
		final HttpServletResponse response = 
WebUtils.getHttpServletResponse(context);
		final WebApplicationService service = WebUtils.getService(context);

         istid = ? // principal id independent from Authentication 
Handler/method used

response.sendRedirect("https://changepasswordURL?"+ "url=" + 
service.getId() + "&istid=" + istid);	

	  }catch(Exception e){
		  ...
	  }
	  return result("success");
	
	}
}

Is there any simple way to retrieve the Principal Id in an ActionState?

Does anyone have a better approach to this problem? Preferably with no 
changes to the cas-core?

Thanks in advance,
Daniel Almeida

Centro de Informática do Instituto Superior Técnico, Portugal
http://www.ist.utl.pt/