CAS authentication denial based on an attribute

[Sebastien BEAUDLOT]

Hi,

I was asked by my boss if CAS can help managing a digital version of our internal rules agreement (for now, every user sign a paper version of the rules before getting a login/password. We want them to read a PDF version of the rules, then click a box to agree, before being able to authenticate through CAS.

Is CAS able to do such thing ? Denying authentication based on a LDAP attribute, for example, and redirecting to a page/service until this particular attribute is set to 'true' ?

So we would just have to create the page to digitally sign the rules.

Regards.

--
Sébastien BEAUDLOT

Administrateur réseaux, téléphonie et flotte mobile

Direction Opérationnelle des Systèmes d'Information ( DOSI )
Pôle Infrastructures
Université d'Avignon et des Pays de Vaucluse

Tèl : 04.90.16.26.04
--

[Tom O'Neill]

Sebastien,

 

As far as I know, that is not baseline functionality but the code could certainly be extended to perform the check, if you were inclined to do so.

CAS with LDAP integration would rely on the account status being maintained at the directory level. Depending on what directory you’re using you might be able to get crafty to leverage LPPE notifications.

 

Thanks,

 

Tom O’Neill

 

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/693435497.7465236.1506671346591.JavaMail.zimbra%40univ-avignon.fr.

[David Curry]

Most of the functionality for what you want is here, I think:

https://apereo.github.io/cas/development/installation/Webflow-Customization-AUP.html

It seems to be available in 5.1.x as well, although with fewer options for storing state that what 5.2.x is going to offer.

I should mention that while this is on my list of features to investigate, I have not actually tried it yet, so I can't comment on it beyond "here's the link."

--Dave

--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david...@newschool.edu

--

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

[Tom O'Neill]

Looks like I need to catch up on my 5.x – another good reference, thanks Dave!

 

Thanks,

 

Tom O’Neill

--

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/693435497.7465236.1506671346591.JavaMail.zimbra%40univ-avignon.fr.

 

--

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMkAjN0Sobr4W9Bqj-LiduDY-wqx7yABfkc8X3Xgg1_tw%40mail.gmail.com.

[David Curry]

If you're not doing so yet, I've found the best way to at least sort of keep up is to read Misagh's "feature release" blog posts on https://apereo.github.io/ -- at least that way I get an awareness of all  the new features and (hopefully) they'll stick somewhere in the back of mind until I get to the point where I'm ready to work on them.

--Dave

--

DAVID A. CURRY, CISSP
DIRECTOR OF INFORMATION SECURITY
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david...@newschool.edu

--

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/693435497.7465236.1506671346591.JavaMail.zimbra%40univ-avignon.fr.

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMkAjN0Sobr4W9Bqj-LiduDY-wqx7yABfkc8X3Xgg1_tw%40mail.gmail.com.

--

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CY4PR02MB2773AA8928E9A2608740EA34CB7E0%40CY4PR02MB2773.namprd02.prod.outlook.com.