Return More than User Name

Barrow Kwan bhkwan at thoughtworks.com
Mon Aug 6 02:11:34 EDT 2007 

Thanks Scott.  I took a quick look and this seems to be straightforward.

I have a few comments :
1. on CAS website, it show us the CVS information.  I didn't realize  
that until you mention about Subversion.  I have to do a search on  
the Wiki site to find out the SVN location.
2. the Personal Directory site seems out-of-date especially if I use  
personal directory V1.


I think my question about accessing the attributes in the JSP is not  
very clear, what I really mean is if  principal is available as a tag  
( eg,  I can reference principal in the JSP as $(principal) throught  
the Spring Tag library ).


thanks



On Aug 5, 2007, at 5:46 PM, Scott Battaglia wrote:

> I just looked at the RC4 code and the  
> UsernamePasswordCredentialsToPrincipalResolver should call the  
> PersonDirectory to retrieve any attributes for that username.  You  
> wil need to configure an instance of PersonDirectory
>
> PersonDirectory documentation can be found here:
> http://developer.ja-sig.org/projects/person-directory/
> http://www.ja-sig.org/wiki/display/UPC/Person+Directory
>
> The first link is probably more up-to-date.
>
> -Scott
>
> On 8/5/07, Scott Battaglia <scott.battaglia at gmail.com> wrote:
> Barrow,
>
> You can either use one of the existing examples that utilizes the  
> PersonDirectory project to retrieve attributes.  Or, you can write  
> a custom CredentialsToPrincipalResolver that will call  
> PersonDirectory.  I'm going to see if I can write one that does  
> that for the 3.1 release.
>
> You should be able to access the attributes in the JSP page as you  
> would any other JavaBean in principal.attributes["attribute"] where  
> principal is the principal whos attribute you want to retrieve.
>
> If I get a new CredentialsToPrincipalResolver into Subversion I  
> will let you know.
>
> -Scott
>
>
> On 8/5/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
> I am still not sure how this works,
>
> ( PS: I am using CAS 3.1RC4 )
>
> 1. Principal:
> 	I have looked at UsernamePasswordCredentialsToPrincipalResolver as  
> an example.  It creates and return the Principal as
> ..
> return new SimplePrincipal(usernamePasswordCredentials.getUsername());
> ..
>
> 	So, do I need to create the "attributes" map and pass to the  
> Principal's constructor?
>
> eg
> return new  MyComplexPrincipal 
> (usernamePasswordCrednetials.getUsername(),  
> myAttributesMapWithAdditionalStuff );
>
> myAttributesMapWithAdditionalStuff is my Map that contain  
> informations like email, first/last name ,etc...
>
>
>
>
> 2. I am trying to customize casGenericSuccess.jsp, how do I  
> retrieve information from MyComplexPrincipal?
>
>
>
> Thanks
>
>
>
> On Aug 2, 2007, at 5:56 AM, Scott Battaglia wrote:
>
>> In the latest CAS release, the Principal has a new property called  
>> "attributes" which is map.  There are implementations that obtain  
>> attributes from the JA-SIG PersonDirectory API and populate that  
>> map.  CAS 3.1 will return those attributes via the SAML response  
>> (though you'll need to use it in conjunction with the Services  
>> Management tool to "release" the attributes to the client  
>> applications).
>>
>> In Subversion, there should be a SAMLTicketValidator that will  
>> parse the SAML response.  Note that its not 100% compatible with  
>> the current CAS Server release because the protocol states that  
>> the artifact resolution request should come over SOAP (the  
>> TicketValidator in HEAD merely sends it as a HTTP Request  
>> parameter).  Its not a very difficult change to make though.  I  
>> just haven't had time yet.
>>
>> -Scott
>>
>> On 8/1/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>> this question was asked back to april and Scott said :
>>
>> You just need to create a CredentialsToPrincipalResolver that returns
>> attributes and then use the /samlValidate url instead of / 
>> serviceValidate
>> (and an appropriate TicketValidator).  The CAS Client for Java 3.1- 
>> m1 has a
>> SamlTicketValidator you can use as an example.
>>
>> -Scott
>>
>>
>> I still stuck with the  Saml, did someone has a working example we  
>> can reference?
>>
>>
>> thanks
>>
>>
>>
>> Barrow Kwan
>> ThoughtWorks Inc
>> 410 Townsend St, 4th Floor
>> San Francisco, CA 94107
>> USA
>> (415)869-3103
>>
>>
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>>
>>
>>
>> -- 
>> -Scott Battaglia
>>
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>
> Barrow Kwan
> ThoughtWorks Inc
> 410 Townsend St, 4th Floor
> San Francisco, CA 94107
> USA
> (415)869-3103
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
>
> -- 
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
>
> -- 
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas

Barrow Kwan
ThoughtWorks Inc
410 Townsend St, 4th Floor
San Francisco, CA 94107
USA
(415)869-3103



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070805/a79974ca/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2407 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20070805/a79974ca/attachment.bin

More information about the cas mailing list