Adding Attributes to the Principal

Scott Battaglia scott.battaglia at gmail.com
Mon Sep 17 15:16:51 EDT 2007 

I'm in the process of working on it.  I kind of messed up Java on my Mac
today so I had to resolve that so I'm a little behind schedule ;-)

-Scott

On 9/17/07, Marat Radchenko <slonopotamusorama at gmail.com> wrote:
>
> I see. Can I look at your work somewhere?
>
> 2007/9/17, Scott Battaglia <scott.battaglia at gmail.com>:
> > Marat,
> >
> > There is currently no officially modified response format that supports
> > attributes.  I'm working on updating the JA-SIG CAS Client for Java to
> > utilize the SAML response.
> >
> > -Scott
> >
> >
> >  On 9/16/07, Marat Radchenko <slonopotamusorama at gmail.com> wrote:
> > > Is there any "official" modified response format that supports
> attributes?
> > >
> > > 2007/9/16, Scott Battaglia <scott.battaglia at gmail.com>:
> > > > Ross,
> > > >
> > > > The AuthenticationManager is the portion of CAS that constructs the
> > > > Principal.  You'll need to configure your custom authentication
> handler
> > and
> > > > your CredentialsToPrincipalResolver in the deployerConfigContext as
> part
> > of
> > > > the AuthenticationManager.
> > > >
> > > > You'll also need to use either the SAML 1.1 response or a modified
> CAS
> > 2.0
> > > > response so that your client can actually retrieve the attributes.
> > > >
> > > > The CAS 2.0 responses are JSP pages that you can modify located in
> the
> > > > WEB-INF/views/jsp/protocol/2.0 directory.
> > > >
> > > > -Scott
> > > >
> > > >
> > > > On 9/14/07, Ross Bleakney < rossbleakney at hotmail.com> wrote:
> > > > >
> > > > >
> > > > > I would like to return more than the user name from the server.
> So, I
> > > > changed my authentication handler to do the following:
> > > > >
> > > > > public class MyHandler implements AuthenticationHandler{
> > > > >     public boolean authenticate(Credentials cred) throws
> > > > AuthenticationException {
> > > > >         UsernamePasswordCredentials upCred =
> > (UsernamePasswordCredentials)
> > > > cred;
> > > > >
> > > > >         String username = upCred.getUsername();
> > > > >         String password = upCred.getPassword();
> > > > >         try {
> > > > >             MyAccount account = MyAccount.authenticate(username,
> > > > password);
> > > > >
> > > > UsernamePasswordCredentialsToPrincipalResolver resolver
> > =
> > > > >                new
> > > > UsernamePasswordCredentialsToPrincipalResolver();
> > > > >             Principal principal = resolver.resolvePrincipal
> (upCred);
> > > > >             StubPersonAttributeDao stub = new
> > StubPersonAttributeDao();
> > > > >             HashMap<String, Object> map = new HashMap<String,
> > > > Object>(principal.getAttributes());
> > > > >             map.put("AccountID", account.getAccountID());
> > > > >             stub.setBackingMap(map);
> > > > >             resolver.setAttributeRepository (stub);
> > > > >         } catch (Throwable e) {
> > > > >             return false;
> > > > >         }
> > > > >
> > > > >         return true;
> > > > >     }
> > > > >     ...
> > > > > }
> > > > >
> > > > > So, now I have a few questions:
> > > > >
> > > > > 1) Should this work?
> > > > > 2) How do I get the information out on the client side (servlet)?
> > > > >
> > > > > I can get the receipt from the client side (using
> > > > session.getAttribute(CASFilter.CAS_FILTER_RECEIPT)), but I don't
> know
> > how to
> > > > resolve that into a set of attributes. If I just had a lump of xml,
> I
> > could
> > > > easily parse through it, but I don't know how to get that.
> > > > >
> > > > > Thanks,
> > > > > Ross
> > > > > ________________________________
> > > > Gear up for Halo(r) 3 and get a $25 Best Buy gift card. It's our way
> of
> > saying
> > > > thanks for using Windows Live™. Get it now!
> > > > > _______________________________________________
> > > > > Yale CAS mailing list
> > > > > cas at tp.its.yale.edu
> > > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > -Scott Battaglia
> > > >
> > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > > > _______________________________________________
> > > > Yale CAS mailing list
> > > > cas at tp.its.yale.edu
> > > > http://tp.its.yale.edu/mailman/listinfo/cas
> > > >
> > > >
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> >
> >
> >
> > --
> > -Scott Battaglia
> >
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>



-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070917/7c6786eb/attachment.html

More information about the cas mailing list