I have setup a 4.0 CAS server which delegated authentication to another CAS server via pac4j CasProfile. The ClientCredentialsToPrincipalResolver returns principal Id which is the profile type + # + the identifier. It differs from the UsernamePasswordCredentialsToPrincipalResolver which returns the identifier only. It may cause problem in the CAS client side to note the difference between two. Could it be added a property to set ClientCredentialsToPrincipalResolver to return identifier only? By default, it returns typed identifier. The change is simple and added flexibility if someone needs this principal compatibility.
Regards, -Ken -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
