Hi, " Though, I think you could achieve that by creating the appropriate handler"
Could you abit elaborate on that one? Some leads how to implement this. Thanks From: Jérôme LELEU [mailto:[email protected]] Sent: Tuesday, December 17, 2013 9:15 AM To: [email protected] Subject: Re: [cas-user] Impersonation support Hi, CAS doesn't have that feature out of the box. Though, I think you could achieve that by creating the appropriate handler : it would take the Admin credentials as well as the username to impersonate. The main challenge and concern here is security, as this mecanism is extremely powerful. If I can trick it, I could be anyone. The level of security requested for the Admin user should be higher than for a regular user : IP filtering or one-time password code could be extra checks (in addition to login/pwd) to mitigate risks. Best regards, Jérôme 2013/12/16 ray <[email protected]<mailto:[email protected]>> I would like to know if cas support impersonation? For example an Admin user can have the ability to "pretend" to be some regular user and have his roles, permissions, etc.. Something like Facebook feature: ".. View as Specific Person" If CAS doesn't support that out of the box any suggestions how to work around for doing that? Thanks, ray. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
