X.509 Certificates and query database

Diego Benedicto

X.509 Certificates and query database

Hi all,

I have configured login-webflow.xml so that CAS checks the x509 certificate first, and it works OK.

But I want to make a Database query, after CAS validates the x509 Certificate (the same that appears in  http://www.ja-sig.org/wiki/display/CASUM/X.509+Certificates "A field can be extracted from the Certificate and then resolved to a Principal name through an LDAP lookup")

How can I do it? Any idea or example would be great.

Thanks in advance.
Diego

Marvin Addison

Re: X.509 Certificates and query database

> But I want to make a Database query, after CAS validates the x509
> Certificate (the same that appears in
> http://www.ja-sig.org/wiki/display/CASUM/X.509+Certificates "A field can be
> extracted from the Certificate and then resolved to a Principal name through
> an LDAP lookup")

We extract a part of the subject DN and perform an LDAP lookup to map
an integer onto a string principal name, which is what you described
above.  A full example is available in our deployer config,
https://projects.iad.vt.edu:8443/svn/middleware/cas/cas-server/trunk/vt-cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml.
 The points of interest are the X509CredentialsAuthenticationHandler
bean and the PDCCredentialsToPrincipalResolver.  The latter class is a
custom CredentialsToPrincipalResolver, one of which you will likely
need to perform your database principal mapping.

Good luck,
Marvin
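
A sketch of the kind of custom CredentialsToPrincipalResolver the reply describes, doing the lookup against a database instead of LDAP. This is an added example, not part of the original thread and not the Virginia Tech code. It assumes the CAS 3.x interfaces and the X509CertificateCredentials class from the X.509 support module, Java 7 or later, and a hypothetical table cert_users(cert_cn, username); the class name is also hypothetical.

```java
import java.security.cert.X509Certificate;
import java.sql.*;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.sql.DataSource;
import org.jasig.cas.adaptors.x509.authentication.principal.X509CertificateCredentials;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.authentication.principal.SimplePrincipal;

/** Hypothetical resolver: maps the subject CN of a validated certificate to a username. */
public final class DatabaseX509PrincipalResolver implements CredentialsToPrincipalResolver {
    // Hypothetical schema. The CN is bound as a parameter, never concatenated into the SQL.
    private static final String SQL = "SELECT username FROM cert_users WHERE cert_cn = ?";
    private final DataSource dataSource;

    public DatabaseX509PrincipalResolver(DataSource dataSource) {
        this.dataSource = dataSource;
    }

    public boolean supports(Credentials credentials) {
        return credentials instanceof X509CertificateCredentials;
    }

    public Principal resolvePrincipal(Credentials credentials) {
        // Assumption: getCertificate() returns the certificate the handler accepted.
        X509Certificate cert = ((X509CertificateCredentials) credentials).getCertificate();
        if (cert == null) return null;
        try {
            String cn = null;
            // Parse the DN structurally instead of splitting the string on commas.
            for (Rdn rdn : new LdapName(cert.getSubjectX500Principal().getName()).getRdns()) {
                if ("CN".equalsIgnoreCase(rdn.getType())) cn = rdn.getValue().toString();
            }
            if (cn == null) return null;
            try (Connection con = dataSource.getConnection();
                 PreparedStatement ps = con.prepareStatement(SQL)) {
                ps.setString(1, cn);
                try (ResultSet rs = ps.executeQuery()) {
                    if (!rs.next()) return null;            // no mapping for this CN
                    String username = rs.getString(1);
                    // Return no principal if the CN maps to more than one account.
                    return rs.next() ? null : new SimplePrincipal(username);
                }
            }
        } catch (InvalidNameException | SQLException e) {
            return null; // do not fall back to the raw DN on error
        }
    }
}
```

The resolver would be declared as a bean alongside the X509CredentialsAuthenticationHandler in deployerConfigContext.xml, with the DataSource injected through the constructor.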
