I've heard this referred to as having a "ghost user" account. Basically a generic account that you, as an administrator, can change the attributes on. For instance, application A requires email address as an attribute. Set the ghost_user1 email address to the email address of the user you are trying to impersonate. Of course this raises ethical/policy questions, which you also need to address before putting something like this into practice. There's also the issue of non-repudiation. If I know that Brian has a method for logging into an application as me, I can log in and do nasty things, then say Brian logged in as me and did it.
Matt On Wednesday, January 9, 2019 at 12:48:12 PM UTC-7, gibson_brian wrote: > > Hi all, > > Is there a way within a service entry in CAS 5.1 to say that if person A > logs in successfully, send them to the service as person B? > > I checked the 5.1 service-related docs but couldn't find anything. > > Thanks, > > Brian > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8a3e7fae-9774-4215-b7f1-0ca1fc7989bd%40apereo.org.
