Cas and external token
Scott Battaglia
scott.battaglia at gmail.com
Thu Mar 13 13:38:20 EDT 2008
Stefan,
If you are passing a token via an HttpServletRequest (either as a cookie or
some request parameter), you should extend the
AbstractNonInteractiveLoginAction to construct a credentials object from the
request parameter without prompting the user for anything (this is what the
X.509 and SPNEGO code does). You'll then create an AuthenticationHandler
that can do stuff with that token (i.e. authenticate it) and a
CredentialsToPrincipalResolver that can find the principal for that token.
Wire them all up in the appropriate places (I make that sound so easy don't
I? ;-)) and you should be good to go.
-Scott
On Thu, Mar 13, 2008 at 12:02 PM, Bocken Stefan <Stefan.Bocken at is4u.be>
wrote:
> Hi all,
>
> We have our own Token (Cookie or Query parameter) and we would like to
> know how we can give this token to CAS so that CAS can create a session
> for this Token. The Token contains the necessary attributes.
> Is this done via a new controller or is there another way of doing this?
>
> Best regards,
>
> Stefan Bocken
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080313/d72980d0/attachment.html
More information about the cas
mailing list