Thanks again. A few followups: When you say: "CAS would need to return these attributes back to the app...", where (what file) would I make these configurations in? Are there docs on what attributes CAS can pull back from AD?
Also, when you say: "your client can call ... with a modified CAS reponse", what do you mean by "modified"? Can you give a concrete example? Thanks again! From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Thursday, May 29, 2014 1:58 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? CAS would need to return these attributes back to the app obviously. Once the configuration is done, your client can either call /samlValidate to get the attributes, or call /serviceValidate with a modified CAS response. The client would also need to be able parse the returned attributes and stuff them into your principal. From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 10:51 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? Thanks Misagh - and what if I wanted to display a user's first and last name (this information would be stored in AD)? For instance, the user signs in with a username of "somedummy" but we want CAS to return somedummy's first name ("Some") and last name ("Dummy")? Ideas? From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Thursday, May 29, 2014 11:13 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? Your app seems like should get the principal from the authenticationToken that is set by the filters in the client. From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 7:13 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? It's a Grails app (so Groovy webapp). Using the Shiro-CAS<http://grails.org/plugin/shiro-cas> Grails plugin for authentication. Thoughts? From: Misagh Moayyed [mailto:mmoay...@unicon.net] Sent: Thursday, May 29, 2014 10:02 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: RE: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? What type of application do you have? From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Thursday, May 29, 2014 6:55 AM To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> Subject: [cas-user] Pulling back usernames from BindLdapAuthenticationHandler/AD? I currently have my CAS instance authenticating against our AD server via BindLdapAuthenticationHandler (this is injected from deployerConfigContext.xml). I now have a requirement to pull back usernames after they authenticate. Thus, the workflow should be: 1. User goes to my app at an authenticated URL 2. User gets redirected to CAS login page 3. User (username is somedummy, etc.) logs in, and authenticates 4. User is redirected back to my app (at the original URL they wanted to go to) 5. My app now has their username (somedummy) stored somewhere (cookie, HTTP response param, etc.) that it can lookup If this possible? If so, how/where? Thanks! -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net<mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: zhar...@commercehub.com<mailto:zhar...@commercehub.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net<mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: zhar...@commercehub.com<mailto:zhar...@commercehub.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: mmoay...@unicon.net<mailto:mmoay...@unicon.net> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: zhar...@commercehub.com<mailto:zhar...@commercehub.com> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user