Hi Jérôme, Thanks for your reply. I understand that it is needed to distinguish principal ID in different profiles and I agree it should be the default setting. However, the client side must be pac4j-aware or if the client is not a Java application, it must put custom code to extract the real identifier from the principal ID. This actually causes us big problem in deployment the pac4j module when we have to consider the backward compatibility.
Regards, -Ken On Sat, Apr 20, 2013 at 3:56 PM, jleleu <[email protected]> wrote: > Hi Ken, > > Thanks for being an early adopter ;-) > > You raise an interesting concern about profiles distinction : with > multiple sources of authentication, I think that the typed id is absolutely > necessary to know which was the authentication provider. > > That said, you're right, you still need to distinguish between different > profiles in the CAS client applications. And I have anticipated that with > the ProfileHelper class in the pac4j-core library : > https://github.com/leleuj/pac4j/blob/master/pac4j-core/src/main/java/org/pac4j/core/profile/ProfileHelper.java > . > > On client side, you need to add the appropriate dependencies : pac4j-core > + pac4j-cas (if you delegate authentication to another CAS server). After > service ticket validation, you will be returned a CAS assertion with > identifier and attributes. With that information and the ProfileHelper > methods, you can test : > if (ProfileHelper.isTypedIdOf(returnedId, CasProfile.class)) > and rebuild the profile : > CasProfile casProfile = (CasProfile) > ProfileHelper.buildProfile(returnedId, returnedAttributes); > > Best regards, > Jérôme > > P.S. : I need some last update to configure properly the CAS server > regarding pac4j support. You may encounter some missing attributes on > client side right now. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
