There are times I think where this and your previous suggestion (e.g.
your IDM should handle this) aren't quite possible.
Perhaps the source for the product isn't completely available; or
perhaps your IDM doesn't have any groups provisioned (at all, or that
meet your requirements).
Sometimes you may be working in a development environment that doesn't
have complete integration with IDM, and you may want a mock Filter to
stand in place of the options you described.
An extension of AbstractCasFilter that handles this task is pretty
trivial to implement - I've put one together that we're going to
experiment with, we'd be happy to share if there is interest.
On 08/01/2011 12:43 PM, Marvin Addison wrote:
There is also a page that shows how values from a database can be
provided as attributes that allow the use of isUserInRole():
https://wiki.jasig.org/display/CASUM/HOWTO+utilize+javax.servlet.http.HttpServletRequest+isUserInRole%28+java.lang.String+role+%29
Good suggestion. It's worth mentioning that the SAML-based attribute
release capability that I've been discussing is at work under the hood
here as well.
M
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
