Pavel, I see. You are right that the attributes will be outdated. I do not know if there is a way to refresh without login. This sounds similar to a unix login session; if something like group membership is changed, user will need to log in again to see the change.
Ray On Fri, 2018-10-19 at 11:00 +0300, Павел Антонов wrote: Ray, I need to apply new attributes (changed in CAS) to already authenticated user. How can i do this without logoff/logon currently authenticated user? Does your recommendation solve my problem? I think "Map attributes = principal.getAttributes()" will return the outdated attributes obtained during authentication... чт, 18 окт. 2018 г. в 20:27, Ray Bon <[email protected]<mailto:[email protected]>>: Pavel, I suspect getting attributes for protocol 3 will be same as SAML 1.1. AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal(); Map attributes = principal.getAttributes(); There should be no need to go back to CAS. Ray On Thu, 2018-10-18 at 05:31 -0700, Pavel Antonov wrote: Hi! I'm developing an API using the Spring Framework. CAS server version 5.3.1, CAS protocol version 3 and CAS client included with Spring Security are used for user authentication. Based on this example https://apereo.github.io/2018/02/20/cas-service-rbac-attributeresolution/ I use CAS attributes as user roles in my API. It's necessary to rerequest CAS from my API to update the roles for already authenticated user. Is it possible to do that without user browser redirects? -- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group. To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/Jsl0j06R_tw/unsubscribe. To unsubscribe from this group and all its topics, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1539883619.2864.46.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/1539883619.2864.46.camel%40uvic.ca?utm_medium=email&utm_source=footer>. -- Отправлено с ПЭВМ -- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected] -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1539967662.2864.71.camel%40uvic.ca.
