[cas-dev] Trouble with Custom Principal/CredentialToPrincipalResolver

Scott Battaglia scott.battaglia at gmail.com
Tue Mar 18 07:54:52 EDT 2008 

Sean,

The only way your CredentialsToPrincipalResolver would not get called would
be if there was one higher up in the list than yours that matched the
principal.  Check to see if there are any other
CredentialsToPrincipalResolvers configured that may be executed before your
custom one.

-Scott

On Mon, Mar 17, 2008 at 8:21 PM, Sean R. McNamara <
sean.r.mcnamara at dartmouth.edu> wrote:

> Hello all,
>
> I just recently inherited a 3.0.6 CAS environment, and am working to
> upgrade to 3.2 and implement clustering.
>
> We have a handful of customizations built into our server, namely a
> custom Authentication Handler and Principal.
>
> I'm struggling to understand exactly how a set of credentials are
> matched to a particular Principal type.   Basically what I am seeing is
> that our customizations work fine in the 3.0.6 build, but once moved
> over and built into 3.2, no longer work as expected.
>
> The custom Auth. Handler validates the credentials appropriately,
> however it appears the credentials are being identified as a
> SimplePrincipal when I try to do a service validation after being issued
> a ticket.   I know this since I get a exception telling me that the
> custom attributes I'm referencing (added to
> casServiceValidationSuccess.jsp) cannot be accessed in a SimplePrincipal
> object.
>
> I've seen some mention of a LoginFormAction to specify what type of
> Principal should be used, but, AFAIK -- this is no longer valid in 3.X
> releases.   Of course there's a CredentialToPrincipalResolver (and is
> set in deployerConfigContex),  but, the odd thing is -- it doesn't
> appear to be being called.   As a test, I changed the supports method to
> always return true, and still had no luck.   Interestingly, the
>
> I know I'm not giving a lot to go on, so if anyone needs any technical
> details, I can send them along tomorrow AM.   In the meantime, if anyone
> has any pointers or can see any red flags from what I've explained so
> far, I'd appreciate the heads up.
>
> Thanks very much in advance!
>
> ..Sean.
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>



-- 
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20080318/7fea7e70/attachment.html

More information about the cas-dev mailing list