Misagh Moayyed <mmoay...@unicon.net> a écrit : > OK. So note that you're actually reviewing the "development" version of > documentation, as the snippet at the top of the page says. For future > reference, you want to review this instead: > http://jasig.github.io/cas/4.0.x/installation/Configuring-Authentication-Components.html > > Nonetheless, that is a documentation error and should be corrected for all. > > That said, I don't think you need a separate resolver. With the ldap AuthN > handler, simply set the principal attribute to the new attribute you have, > and resolve attributes directly in the handler. The in the AuthN manager, > null out the matching resolver. >
Thanks for the tip. Works fine nulling out the matching resolver in the authenticationManager and setting the principalIdAttribute to uid in the ldapAuthenticationHandler. To set a null value in place of the resolver bean id, the following syntax found in the documentation ( http://jasig.github.io/cas/4.0.x/installation/LDAP-Authentication.html#principalresolver-vs-authenticationhandler ) didn't work : <entry key-ref="ldapAuthenticationHandler" value="#{null}"/> Had to use this syntax instead : <entry key-ref="ldapAuthenticationHandler"><null /></entry> To sum up, using a separate resolver is only required if additional attributes not present in the LDAP directory used for authentication are needed ? -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
