Custom X509 Principal Resolution...

[Jathan Manley]

I working on adding smart card certificate support into a test CAS server and I'm sure there must be a simple answer to this but I'm stumped.

I have a collection of different smart card CAs that I'm willing to accept from, but I need to use information in the certificate to transform into a principal name from our LDAP directory.  I can see the small collection of principal resolvers available, but am a loss as how to extend them.  Our plan is to use the subject alternative name UPN to then lookup a valid principal in our LDAP directory using the sAMAccountName as the resulting principal name.

I've gotten as far as getting the certificate decoded and the UPN extracted within CAS, but not sure what is next.  Can I do this easily in the overlay?

Any pointers?

Thanks in advance,

Jathan