And by number I mean I've seen one Merging Attribute Dao ;-) -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Wed, Oct 29, 2008 at 11:58 AM, Scott Battaglia <[EMAIL PROTECTED] > wrote: > Marvin, > > PersonDirectory has a number of merging PersonAttributeDaos that may do > what you need. > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > On Wed, Oct 29, 2008 at 11:43 AM, Marvin S. Addison <[EMAIL PROTECTED]> wrote: > >> There does not appear to be a feature in CAS 3.3 that allows chaining >> of attribute repositories. It would be very beneficial to allow >> CredentialsToPrincipalResolver instances to consult a number of >> IPersonAttributeDao instances for attributes about the authenticated >> principal: >> >> <bean class="CredentialsToLDAPAttributePrincipalResolver"> >> <property name="credentialsToPrincipalResolver"> >> <bean class="X509CertificateCredentialsToIdentifierPrincipalResolver"> >> <property name="identifier" value="$UID" /> >> </bean> >> </property> >> <property name="filter" value="(uid=%u)" /> >> >> <!-- The attribute used to define the new Principal ID --> >> <property name="principalAttributeName" value="uupid" /> >> >> <property name="searchBase" value="ou=People,dc=vt,dc=edu" /> >> <property name="contextSource" ref="edAuthContextSource" /> >> <property name="attributeRepositories> >> <list> >> <ref bean="primaryLdapRepository" /> >> <ref bean="secondaryLdapRepository" /> >> </list> >> </property> >> </bean> >> >> I realize that for CredentialsToLDAPAttributePrincipalResolver it may >> only make sense to consult LDAP repositories, but the true power of >> chained attribute sources lies in arbitrary data sources (e.g. RDBMS, >> statically-configured). The Shib Java IDP supports this feature, and >> I can say from experience that it's powerful. >> >> Please speak up if you think this feature would be beneficial. We may >> have a requirement to support multiple attribute sources, and would be >> willing to contribute our solution if there's interest. >> >> Thanks, >> Marvin >> _______________________________________________ >> cas-dev mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas-dev >> > >
_______________________________________________ cas-dev mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas-dev
