Modify the preAuthenticationManagers
section by uncommenting the following lines:....
<bean class="org.jasig.cas.adaptors.trusted.authentication.principal.
PrincipalBearingCredentialsToPrincipalResolver"/>
....
<bean class="org.jasig.cas.adaptors.trusted.authentication.handler.support.
PrincipalBearingCredentialsAuthenticationHandler"/>
....
<property name="preAuthenticationActions">
<list>
<bean id="principalFromRequestRemoteUser"
class="com.dassault_systemes.dspassport.iamweb.cas.authentication.action.impl.
PreAuthPrincipalFromRequestRemoteUserAction"/>
<property name="decodeRemoteUser" value="false" />
<property name="remoteUserHeaderName" value="" />
</list>
</property>
....
in the appropriate location as illustrated below:
...
<property name="preAuthenticationManagers">
<list>
<bean id="authenticationManager"
class="org.jasig.cas.authentication.AuthenticationManagerImpl">
<property name="credentialsToPrincipalResolvers">
<list>
<bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/>
<bean class="org.jasig.cas.adaptors.trusted.authentication.
principal.PrincipalBearingCredentialsToPrincipalResolver"/>
</list>
</property>
<property name="authenticationHandlers">
<list>
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
<property name="httpClient" ref="httpClient"/>
<property name="retryTemplate" ref="retryTemplate" />
<property name="maxAttempts" value="${cas.retry.maxattempts:5}" />
<property name="callbackFailedCounter" ref="callbackFailedCounter"></property>
</bean>
<bean class="org.jasig.cas.adaptors.trusted.authentication.handler.support.PrincipalBearingCredentialsAuthenticationHandler"/>
</list>
</property>
</bean>
</list>
</property>
<property name="preAuthenticationActions">
<list>
<bean id="principalFromRequestRemoteUser"
class="com.dassault_systemes.dspassport.iamweb.cas.authentication.action.impl.
PreAuthPrincipalFromRequestRemoteUserAction"/>
<property name="decodeRemoteUser" value="false" />
<property name="remoteUserHeaderName" value="" />
</list>
</property>
...
“remoteUserHeaderName” property
By default, the remote user is retrieved from the
request by calling the HttpServletRequest.getRemoteUser
method in
the PreAuthPrincipalFromRequestRemoteUserAction
class.
The remote user name can also be retrieved from
a custom header in the request, by setting the remoteUserHeaderName
property for the principalFromRequestRemoteUser
bean as follows:
<bean id="principalFromRequestRemoteUser"
class="com.dassault_systemes.dspassport.iamweb.cas.authentication.action.impl.
PreAuthPrincipalFromRequestRemoteUserAction">
<property name="remoteUserHeaderName" value="###CUSTOM_HEADER_NAME###"/>
</bean>
decodeRemoteUser"
property
By default, the remote user string is not URL
decoded so this property is set to false. If the remote user string
contains special characters that needs to be URL encoded up-front,
then you need to set this property to true.