Sure is possible. One strategy to do this would be:
1) Create a simple "strategy" interface/impl that takes a principal id and does
an additional validation (checking the status against a DB2 data source in this
case)
2) Add an additional action state to the CAS' login flow to execute this check
Hi I currently have this configured and it is working fine.
1. User log's in with profile_name/pass.
2. Validate that profile_name/pass against LDAP.
3. If success use CredentialsToLDAPAttributePrincipalResolver to get a
different attribute from LDAP to use it as an ID to use for the client.
4. T