OK, Well.. I feel so old and out of touch... I got the whole thing running in Eclipse and get a debugger up and I can't find any classes that have access to the request that executes prior to my subclass of AbstractAuthenticationManager
I had found a CredentialsBinder (comments say it's going to be replaced with something better in CAS4) subclass that would bind the request to the credentials - which I figured I could get at in my code - but I can't find where to hook that in. If I could do that I'd just extract and bind the clientCode... I found the CentralAthenticationServiceImpl - which seems to be fairly central, but no breakpoints in there function at all, so I can't do any binding in there... My java skillz are just too old and broken, sigh... My project is not going to go live for months and months - I'd happily use CAS4, and I've seen a few notes referencing it -- but I can't find it to download it Allen Joslin ePath Learning, Inc. 300 State Street, Suite 400 New London, CT 06320 (860) 444-7900 x-43 [email protected]<mailto:[email protected]> * ePath Learning has been recognized on the Inc. 500/5000 list of the fastest-growing private companies in America for the past five years, and is a recipient of the 2013 Marcum Tech Top 40 award, in addition to receiving multiple product of the year and technology excellence awards. This message contains information which may be confidential and/or privileged. Unless you are the intended recipient (or authorized to receive for the intended recipient), you may not read, use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail and delete the message and any attachment(s) thereto without retaining any copies. From: Al Joslin [mailto:[email protected]] Sent: Monday, January 06, 2014 7:21 AM To: [email protected] Subject: RE: [cas-dev] Potential Contribution: DynamicMappingAuthenticationManagerImpl Ok, thanks! That seems like a lot less work !! I've copied the AuthenticationManagerImpl to a DynamicAuthenticationManagerImpl and decided to have the cas-client-service callback URLs contain a parameter that I can use in a lookup to instantiate the appropriate customer-specific AuthenticationHandlers - there must be a way to access the service that I am trying to authenticate, yes? Then I could call: service.getId() and that would give me the URL and that in turn would get me my customer-lookup-code right? Al; Allen Joslin ePath Learning, Inc. 300 State Street, Suite 400 New London, CT 06320 (860) 444-7900 x-43 [email protected]<mailto:[email protected]> * ePath Learning has been recognized on the Inc. 500/5000 list of the fastest-growing private companies in America for the past five years, and is a recipient of the 2013 Marcum Tech Top 40 award, in addition to receiving multiple product of the year and technology excellence awards. This message contains information which may be confidential and/or privileged. Unless you are the intended recipient (or authorized to receive for the intended recipient), you may not read, use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail and delete the message and any attachment(s) thereto without retaining any copies. From: Dmitriy Kopylenko [mailto:[email protected]] Sent: Saturday, January 04, 2014 2:50 PM To: [email protected]<mailto:[email protected]> Subject: Re: [cas-dev] Potential Contribution: DynamicMappingAuthenticationManagerImpl Hi Allen. You should be able to extend the AbstractAuthenticationManager which implements a "Template Method" design pattern. Then you'd just need to provide an implementation of an abstract "authenticateAndObtainPrincipal" method in your custom authn manager: https://github.com/Jasig/cas/blob/v3.5.2/cas-server-core/src/main/java/org/jasig/cas/authentication/AbstractAuthenticationManager.java#L94 Cheers, Dmitriy. On Jan 4, 2014, at 12:07 PM, Al Joslin <[email protected]<mailto:[email protected]>> wrote: Hello, First off - thanks for a great product ! To business: I have a use-case that doesn't seem to be covered by the CAS architecture AFAIK. If this is the case, and if my [eventual] implementation meets guidelines I'd like to submit it for later inclusion in the CAS product. To that end I'd like to describe my plan and if it meets with your approval I'd continue on towards the goal of both successfully supporting my use case and contributing to your project. We are developing a new product that will offer multiple authentication integration options (AD/LDAP/Federated/etc...) to multiple clients. I can't use the current keep-trying-different-authenticators-until-you-succeed approach -- as client A should not be asked to authenticate users from clients B, C, D, and so on... My Plan: AuthenticatingSource(): AuthSrcId, AuthHandlerName, configValuesMap DynamicMappingAuthenticationManagerImpl(): DefaultAuthSrcId, AuthSourceList[]: AuthenticatingSource I envision a DynamicMappingAuthenticationManagerImpl which will interrogate the Credentials object for an AuthSrcId which would be used to subset a full master list of AuthenticatingSources to create a client-specific list of AuthSources that would then be used to attempt authentication via the normal keep-trying-different-authenticators-until-you-succeed approach. The DynamicMappingAuthenticationManagerImpl would require a DefaultAuthSrcId to be used when the Credentials interrogation fails to yield an AuthSrcId. I would have thought to subclass AuthenticationManagerImpl and override the authenticate() function to subset the master list before calling the ancestor:authenticate() function - but I'm quite old-school and don't know how to do this when a class is marked 'final'... I'd appreciate any implementation tips/directions/redesigns you might offer before I get started. Thanks! Allen Joslin ePath Learning, Inc. 300 State Street, Suite 400 New London, CT 06320 (860) 444-7900 x-43 [email protected]<mailto:[email protected]> * ePath Learning has been recognized on the Inc. 500/5000 list of the fastest-growing private companies in America for the past five years, and is a recipient of the 2013 Marcum Tech Top 40 award, in addition to receiving multiple product of the year and technology excellence awards. This message contains information which may be confidential and/or privileged. Unless you are the intended recipient (or authorized to receive for the intended recipient), you may not read, use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail and delete the message and any attachment(s) thereto without retaining any copies. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
