CAS would need to return these attributes back to the app obviously. Once the configuration is done, your client can either call /samlValidate to get the attributes, or call /serviceValidate with a modified CAS response. The client would also need to be able parse the returned attributes and stuff them into your principal.
From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 10:51 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? Thanks Misagh - and what if I wanted to display a user's first and last name (this information would be stored in AD)? For instance, the user signs in with a username of "somedummy" but we want CAS to return somedummy's first name ("Some") and last name ("Dummy")? Ideas? From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Thursday, May 29, 2014 11:13 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? Your app seems like should get the principal from the authenticationToken that is set by the filters in the client. From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 7:13 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? It's a Grails app (so Groovy webapp). Using the Shiro-CAS <http://grails.org/plugin/shiro-cas> Grails plugin for authentication. Thoughts? From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Thursday, May 29, 2014 10:02 AM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? What type of application do you have? From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 6:55 AM To: cas-user@lists.jasig.org Subject: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? I currently have my CAS instance authenticating against our AD server via BindLdapAuthenticationHandler (this is injected from deployerConfigContext.xml). I now have a requirement to pull back usernames after they authenticate. Thus, the workflow should be: 1. User goes to my app at an authenticated URL 2. User gets redirected to CAS login page 3. User (username is somedummy, etc.) logs in, and authenticates 4. User is redirected back to my app (at the original URL they wanted to go to) 5. My app now has their username (somedummy) stored somewhere (cookie, HTTP response param, etc.) that it can lookup If this possible? If so, how/where? Thanks! -- You are currently subscribed to cas-user@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user