access to authentication method
Scott Battaglia
scott.battaglia at gmail.com
Wed Jun 6 15:36:45 EDT 2007
Sarah,
You can add an AuthenticationMetaDataPopulator implementation to the
AuthenticationManager that will place an arbitrary attribute into an
Authentication object's attributes map. From there, merely modify the view
that generate's the XML response to retrieve the attribute value and place
it in your custom XML. The view is in a JSP file in the
WEB-INF/views/jsp/protocol/2.0 directory.
And of course, modify your clients to understand it ;-)
-Scott
On 6/6/07, Sarah Arnott <sarnott at mun.ca> wrote:
>
> Hi guys,
>
> I know this was discussed on the list last year
> (http://tp.its.yale.edu/pipermail/cas/2006-February/002168.html) but I'm
> just wondering exactly how Rutgers and Dartmouth implemented it.
>
> Our situation here at Memorial is very similar to Dartmouth College's -
> we want to authenticate prospective students (and other guests) with CAS
> and protect our sensitive applications by requiring not only a CAS
> authentication ticket but an "authentication method" assertion as well.
> I know CAS 3.1 supports SAML but we're at version 3.0.7, plus it would
> be nice if this could be implemented such that it won't break the
> clients and we could modify specific clients to check for the assertion.
>
> I can see a few ways of implementing this (e.g. create a new Principal
> and UsernamePasswordCredentialsToPrincipalResolver classes) but I'm
> curious to see how you guys did it.
>
> TIA,
> Sarah
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070606/c8d4b3fc/attachment.html
More information about the cas
mailing list