[cas-dev] Trouble with Custom Principal/CredentialToPrincipalResolver

[Sean R. McNamara]

Hello all,

I just recently inherited a 3.0.6 CAS environment, and am working to 
upgrade to 3.2 and implement clustering.  

We have a handful of customizations built into our server, namely a 
custom Authentication Handler and Principal.

I'm struggling to understand exactly how a set of credentials are 
matched to a particular Principal type.   Basically what I am seeing is 
that our customizations work fine in the 3.0.6 build, but once moved 
over and built into 3.2, no longer work as expected.  

The custom Auth. Handler validates the credentials appropriately, 
however it appears the credentials are being identified as a 
SimplePrincipal when I try to do a service validation after being issued 
a ticket.   I know this since I get a exception telling me that the 
custom attributes I'm referencing (added to 
casServiceValidationSuccess.jsp) cannot be accessed in a SimplePrincipal 
object.

I've seen some mention of a LoginFormAction to specify what type of 
Principal should be used, but, AFAIK -- this is no longer valid in 3.X 
releases.   Of course there's a CredentialToPrincipalResolver (and is 
set in deployerConfigContex),  but, the odd thing is -- it doesn't 
appear to be being called.   As a test, I changed the supports method to 
always return true, and still had no luck.   Interestingly, the

I know I'm not giving a lot to go on, so if anyone needs any technical 
details, I can send them along tomorrow AM.   In the meantime, if anyone 
has any pointers or can see any red flags from what I've explained so 
far, I'd appreciate the heads up.  

Thanks very much in advance!

..Sean.