CAS w/ ACEGI

Larry Symms lsymms at gmail.com
Tue Mar 18 13:48:49 EDT 2008 

Ok, I'm very close to getting this.  I'm passing attributes from a 
remote CAS server through to the Acegi client.  I've written a custom 
MetaDataPopulator on the server side and a cutom ProxyTicketValidator on 
the client side.  What I'm not seeing is how to get the class name of 
the successful authenticationHandler from the scope of the 
populateAttribute method of the MetaDataPopulator.  populateAttributes 
takes an Authentication object and Credentials object as parameters.  
The handlers don't modify the credentials or authentication objects so 
it seems the only way to do this would be to add the handler name to the 
principal attributes in the authenticate method of the 
AuthenticationManagerImpl.  So it seems that I would have to write my 
own AuthenticationManagerImpl.  Am I on the right path or can this be 
done in configuration?

Here's my current authenticationManager config from 
deployerConfigContext.xml:

<bean id="authenticationManager"
        class="org.jasig.cas.authentication.AuthenticationManagerImpl">

        <property name="authenticationMetaDataPopulators">
              <list>
                 <bean 
class="com.mycom.server.cas.MyAuthenticationMetaDataPopulator" />
              </list>
        </property>       

        <property name="credentialsToPrincipalResolvers">
            <list>
                <bean
                    
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" 
/>
                <bean
                    
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" 
/>
            </list>
        </property>

        <property name="authenticationHandlers">
            <list>
                <bean
                    
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                    p:httpClient-ref="httpClient" />
                <bean
                    
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" 
/>
                <bean
                    
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                    <property name="filter" value="uid=%u" />
                    <property name="searchBase" value="dc=mycom,dc=com" />
                    <property name="contextSource" ref="contextSource" />
                </bean>
            </list>
        </property>
    </bean>

More information about the cas mailing list