I'm not sure of the answer to the following questions: 1. Can the pac4j support handle multiple IdPs? (I assume the metadata file in the configuration properties can handle multiple EntityDescriptor tags.)
Yes. 2. Assuming (1) is true, is the Login Provider UI smart enough to populate multiple provider buttons for the different IdPs? (This would be really cool, as it would allow me to jettison more custom code.) No. 3. This may be my ignorance of the new Spring way of wiring things (if so, tell me to RTFM), but is it possible to hook in a custom PrincipalResolver to the pac4j AuthenticationHandlers? I have a specialized interface to a proprietary directory to map attributes in the SAML assertion to an entry in our directory. Yes, define bean with this id: https://github.com/apereo/cas/blob/master/support/cas-server-support-pac4j/src/main/java/org/apereo/cas/support/pac4j/config/Pac4jConfiguration.java#L59 If the answer to any of these is 'no', would it be possible to accomodate them with a patch to only CAS code (or custom extensions), or will (at least for (1) and (2)) it require changes to pac4j as well? Always, yes. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/02f701d23a17%24c13328e0%2443997aa0%24%40unicon.net.
