Ok, thanks! That seems like a lot less work !!
I've copied the AuthenticationManagerImpl to a
DynamicAuthenticationManagerImpl and decided to have the cas-client-service
callback URLs contain a parameter that I can use in a lookup to instantiate the
appropriate customer-specific AuthenticationHandlers - there must be a way to
access the service that I am trying to authenticate, yes? Then I could call:
service.getId() and that would give me the URL and that in turn would get me my
customer-lookup-code right?
Al;
Allen Joslin
ePath Learning, Inc.
300 State Street, Suite 400
New London, CT 06320
(860) 444-7900 x-43
[email protected]<mailto:[email protected]>
* ePath Learning has been recognized on the Inc. 500/5000 list of the
fastest-growing private companies in America for the past five years, and is a
recipient of the 2013 Marcum Tech Top 40 award, in addition to receiving
multiple product of the year and technology excellence awards.
This message contains information which may be confidential and/or privileged.
Unless you are the intended recipient (or authorized to receive for the
intended recipient), you may not read, use, copy or disclose to anyone the
message or any information contained in the message. If you have received the
message in error, please advise the sender by reply e-mail and delete the
message and any attachment(s) thereto without retaining any copies.
From: Dmitriy Kopylenko [mailto:[email protected]]
Sent: Saturday, January 04, 2014 2:50 PM
To: [email protected]
Subject: Re: [cas-dev] Potential Contribution:
DynamicMappingAuthenticationManagerImpl
Hi Allen.
You should be able to extend the AbstractAuthenticationManager which implements
a "Template Method" design pattern. Then you'd just need to provide an
implementation of an abstract "authenticateAndObtainPrincipal" method in your
custom authn manager:
https://github.com/Jasig/cas/blob/v3.5.2/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractAuthenticationManager.java#L94
Cheers,
Dmitriy.
On Jan 4, 2014, at 12:07 PM, Al Joslin
<[email protected]<mailto:[email protected]>> wrote:
Hello,
First off - thanks for a great product !
To business: I have a use-case that doesn't seem to be covered
by the CAS architecture AFAIK. If this is the case, and if my [eventual]
implementation meets guidelines I'd like to submit it for later inclusion in
the CAS product. To that end I'd like to describe my plan and if it meets with
your approval I'd continue on towards the goal of both successfully supporting
my use case and contributing to your project.
We are developing a new product that will offer multiple
authentication integration options (AD/LDAP/Federated/etc...) to multiple
clients. I can't use the current
keep-trying-different-authenticators-until-you-succeed approach -- as client A
should not be asked to authenticate users from clients B, C, D, and so on...
My Plan:
AuthenticatingSource(): AuthSrcId,
AuthHandlerName, configValuesMap
DynamicMappingAuthenticationManagerImpl():
DefaultAuthSrcId, AuthSourceList[]: AuthenticatingSource
I envision a DynamicMappingAuthenticationManagerImpl which will
interrogate the Credentials object for an AuthSrcId which would be used to
subset a full master list of AuthenticatingSources to create a client-specific
list of AuthSources that would then be used to attempt authentication via the
normal keep-trying-different-authenticators-until-you-succeed approach. The
DynamicMappingAuthenticationManagerImpl would require a DefaultAuthSrcId to be
used when the Credentials interrogation fails to yield an AuthSrcId.
I would have thought to subclass AuthenticationManagerImpl and
override the authenticate() function to subset the master list before calling
the ancestor:authenticate() function - but I'm quite old-school and don't know
how to do this when a class is marked 'final'...
I'd appreciate any implementation tips/directions/redesigns you
might offer before I get started.
Thanks!
Allen Joslin
ePath Learning, Inc.
300 State Street, Suite 400
New London, CT 06320
(860) 444-7900 x-43
[email protected]<mailto:[email protected]>
* ePath Learning has been recognized on the Inc. 500/5000 list of the
fastest-growing private companies in America for the past five years, and is a
recipient of the 2013 Marcum Tech Top 40 award, in addition to receiving
multiple product of the year and technology excellence awards.
This message contains information which may be confidential and/or privileged.
Unless you are the intended recipient (or authorized to receive for the
intended recipient), you may not read, use, copy or disclose to anyone the
message or any information contained in the message. If you have received the
message in error, please advise the sender by reply e-mail and delete the
message and any attachment(s) thereto without retaining any copies.
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
--
You are currently subscribed to
[email protected]<mailto:[email protected]> as:
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
