Hi,
I'm looking to see if anybody has, or knows how to use SAML attributes to
determine if a user may access the Service Management interface in 3.4.10? I
already have the bean attributeRepository configured and tested that it is
releasing SAML attributes, however, instead of:
<sec:user-service id="userDetailsService">
<sec:user name="@@THIS SHOULD BE REPLACED@@" password="notused"
authorities="ROLE_ADMIN" />
</sec:user-service>
I'd rather have the userDetailsService bean inspect the SAML attributes for a
user, and if they have a role ADMIN, permit access, otherwise display a 403
error. Is this possible?
Thanks
Paul
________________________________
This email and any attachments are confidential and intended solely for the use
of the addressee and may contain information which is covered by legal,
professional or other privilege. If you have received this email in error
please notify the system manager at [email protected] and delete this
email immediately. Any views or opinions expressed are solely those of the
author and do not necessarily represent those of the University of Ulster. The
University's computer systems may be monitored and communications carried out
on them may be recorded to secure the effective operation of the system and for
other lawful purposes. The University of Ulster does not guarantee that this
email or any attachments are free from viruses or 100% secure. Unless expressly
stated in the body of a separate attachment, the text of email is not intended
to form a binding contract. Correspondence to and from the University may be
subject to requests for disclosure by 3rd parties under relevant legislation.
The University of Ulster was founded by Royal Charter in 1984 and is registered
with company number RC000726 and VAT registered number GB672390524.The primary
contact address for the University of Ulster in Northern Ireland is,Cromore
Road, Coleraine, Co. Londonderry BT52 1SA
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
