How to customize authn or validation process?
Jean-Noel Colin
jn.colin at gmail.com
Wed Aug 30 09:50:21 EDT 2006
Hi
I would like to achieve the following using CAS:
I have a user db that contains all my users, assigned to groups, and I
run several portals that only users from the proper group may reach
(users from group1 for portal1, group2 for portal2, ...)
Currently, using CAS, if a user has authenticated, he's granted access
to all portals. There's no way to
Looking at CAS architecture, I would see two options of achieving this:
* have a custom Credentials object that contains username, password and
group to log into; if username + password are valid and user belongs to
this group, login succeeds, otherwise, it fails; the question here is
how do I define Credentials, how do I populate the new Credentials
object with the right data and how do I get it passed to my
AuthenticationModule
* have users login as usual but have a custom 'validate' function that
takes as a parameter the ticket, the service + a group, and if the user
whom the ticket was issued for is not part of the group, have the
validation fail
Could you please tell me whether this is feasible and which option would
be best?
Regards
Jean-Noel Colin
More information about the cas
mailing list