About openid: how to set up a local mechanism for generating URIs for your users based on their username and make it work

[Allen Chen]

Recently I try to enable the openid support on cas server. 
But I have some questions. 

1 According to instructions of the cas user manual (http://www.ja-sig.org/wiki/display/CASUM/OpenID), user is required to set up a local mechanism for generating URIs for your users based on their username. But how? Can anyone tell me more about the details? 

2 Besides, is it something wrong with the wiki instruction (http://www.ja-sig.org/wiki/display/CASUM/OpenID)? In the AuthenticationManager configuration part,  OpenIdCredentialsAuthenticationHandler is required to add to the AuthenticationManager. And that will cause exception as follows:
2008-03-20 14:04:18,312 ERROR [org.springframework.web.context.ContextLoader] - <Context initialization failed>
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'centralAuthenticationService' de
fined in ServletContext resource [/WEB-INF/spring-configuration/applicationContext.xml]: Cannot resolve reference to bea
n 'authenticationManager' while setting bean property 'authenticationManager'; nested exception is org.springframework.b
eans.factory.BeanCreationException: Error creating bean with name 'authenticationManager' defined in ServletContext reso
urce [/WEB-INF/deployerConfigContext.xml]: Error setting property values; nested exception is org.springframework.beans.
PropertyBatchUpdateException; nested PropertyAccessExceptions (1) are:
PropertyAccessException 1: org.springframework.beans.TypeMismatchException: Failed to convert property value of type [ja
va.util.ArrayList] to required type [java.util.List] for property 'credentialsToPrincipalResolvers'; nested exception is
 java.lang.IllegalArgumentException: Cannot convert value of type [org.jasig.cas.support.openid.authentication.handler.s
upport.OpenIdCredentialsAuthenticationHandler] to required type [org.jasig.cas.authentication.principal.CredentialsToPri
ncipalResolver] for property 'credentialsToPrincipalResolvers[2]': no matching editors or conversion strategy found

But if put the OpenIdCredentialsAuthenticationHandler into the AuthenticationHandler, the exception will gone! I wonder whether it's a mistake on the wiki?

3 I have another question too. Even I can start the cas server without failure, the openid server doesn't work. Can anybody tell where i can find some sample to work it out?

Thank you in advance!





Allen Chen
2008-03-20
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080320/32e4fd2a/attachment.html