Have you modified *casServiceValidationSuccess.jsp* so that the user
attributes are sent back to PHP-CAS?

Find the code snippet below:


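<%--
    CAS service-validation success response, extended with a cas:attributes
    section so the client receives the principal's attributes.
--%>
<cas:authenticationSuccess>
    <%-- cas:user is the principal id of the last entry in chainedAuthentications. --%>
    <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
    <%--
        One cas:attribute element per entry of that principal's attribute map.
        No begin/end/step on this loop: c:forEach walks the whole map by itself,
        and with an empty map "end" would evaluate to -1, which a JSTL
        implementation may reject instead of rendering an empty list.
        Names and values are XML-escaped so attribute data cannot alter the
        structure of the response document.
        NOTE(review): if attr.value is a collection (multi-valued attribute) it is
        written out as one string; confirm what the client expects.
    --%>
    <cas:attributes>
        <c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
            <cas:attribute>
                <cas:name>${fn:escapeXml(attr.key)}</cas:name>
                <cas:value>${fn:escapeXml(attr.value)}</cas:value>
            </cas:attribute>
        </c:forEach>
    </cas:attributes>
    <%-- Escaped like every other value written into the response. --%>
    <c:if test="${not empty pgtIou}">
        <cas:proxyGrantingTicket>${fn:escapeXml(pgtIou)}</cas:proxyGrantingTicket>
    </c:if>
    <%-- Proxy chain: every entry except the last; the guard keeps "end" at 0 or above. --%>
    <c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
        <cas:proxies>
            <c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
                <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
            </c:forEach>
        </cas:proxies>
    </c:if>
</cas:authenticationSuccess>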


Regards,
Gopi

On Wed, Mar 17, 2010 at 8:14 PM, Marc Delerue <[email protected]> wrote:

> Hello,
>
> I (finally) managed to make the authentication work using openLdap. I
> can now access my application, but I have another problem:
> I am trying to get some information about the users that are stored in the
> LDAP, so I configured the attributeRepository to get this
> information and tested with 2 applications (a script using phpCAS and
> this demo
> http://www.ja-sig.org/wiki/display/CASC/JA-SIG+Java+Client+Simple+WebApp+Sample
> ).
>
> One more time, the authentication is ok but it seems that attributes
> aren't sent by CAS.
>
> My tomcat/cas logs don't say anything bad (for the moment.)
>
> I have included the content of my deployerConfigContext.xml file in case
> somebody has an idea.
>
>
> <!--
> ########################################################################################################################################
> -->
> <?xml version="1.0" encoding="UTF-8"?>
>
> <beans xmlns="http://www.springframework.org/schema/beans";
>       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>       xmlns:p="http://www.springframework.org/schema/p";
>       xsi:schemaLocation="http://www.springframework.org/schema/beans
> http://www.springframework.org/schema/beans/spring-beans-2.5.xsd";>
>
>        <bean id="authenticationManager"
>
>  class="org.jasig.cas.authentication.AuthenticationManagerImpl">
>
>                <property name="credentialsToPrincipalResolvers">
>                        <list>
>
>                                <bean
>
>  
> class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
>                                        <!-- The Principal resolver form the
> credentials -->
>                                        <property
> name="credentialsToPrincipalResolver">
>                                              <bean
>
>  
> class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
> />
>                                        </property>
>                                        <!--
>                                              The query made to find the
> Principal ID.
>                                              "%u" will be replaced by the
> resolved Principal
>                                        -->
>                                        <property name="filter"
> value="(ENTPersonLogin=%u)" />
>
>                                        <!-- The attribute used to define
> the new Principal ID -->
>
>                                      <property
> name="principalAttributeName" value="ENTPersonLogin" />
>
>                                      <property name="searchBase"
> value="ou=people,dc=ent,dc=fr" />
>                                        <property name="contextSource"
> ref="contextSource" />
>
>                                      <property name="attributeRepository"
> ref="attributeRepository" />
>
>
>                                </bean>
>
>
>                                <bean
>
>  
> class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
> />
>                        </list>
>                </property>
>
>                <property name="authenticationHandlers">
>                        <list>
>                                <bean
> class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
>                                        p:httpClient-ref="httpClient" />
>
>                                <bean
> class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
>                                        <property name="filter"
> value="ENTPersonLogin=%u" />
>                                        <property name="searchBase"
> value="ou=people,dc=ent,dc=fr" />
>                                        <property name="contextSource"
> ref="contextSource" />
>                                </bean>
>                        </list>
>                </property>
>        </bean>
>
>
> <bean id="contextSource"
> class="org.springframework.ldap.core.support.LdapContextSource"> <!-- LDAP
> connection settings; the other beans in this file reference it as
> "contextSource". -->
>        <property name="anonymousReadOnly" value="false"/>
>        <property name="pooled" value="true"/>
>        <property name="urls">
>                <list>
>                        <!--value>ldaps://localhost/</value-->
>                        <value>ldap://localhost/</value> <!-- NOTE(review):
> with plain ldap:// and the "simple" authentication set below, the bind DN
> and password are not encrypted on the wire; the ldaps:// entry above is
> commented out. Confirm the directory is only ever reached on localhost. -->
>                </list>
>        </property>
>        <property name="userDn" value="cn=admin,dc=ent,dc=fr"/> <!-- e.g.
> uid=LdapUser,dc=yourdomain,dc=edu. NOTE(review): this binds as cn=admin;
> a dedicated account limited to reading the entries under the search base
> would presumably be enough for these lookups. -->
>        <property name="password" value="xxxxxx"/> <!-- bind password is
> kept in clear text in this file (presumably masked here) -->
>        <property name="baseEnvironmentProperties">
>                <map>
>                        <entry key="java.naming.security.authentication"
> value="simple" />
>                </map>
>        </property>
> </bean>
>
>
>        <bean id="userDetailsService"
> class="org.springframework.security.userdetails.memory.InMemoryDaoImpl"> <!--
> In-memory user map holding one entry, "admin", with ROLE_ADMIN. -->
>                <property name="userMap">
>                        <value>
>                        admin=notused,ROLE_ADMIN
>                    </value>
>                </property>
>        </bean>
>
>
>
> <bean id="attributeRepository"
> class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> <!--
> Attribute lookup under ou=people,dc=ent,dc=fr through the shared
> contextSource. -->
>        <property name="baseDN" value="ou=people,dc=ent,dc=fr" />
>        <property name="contextSource" ref="contextSource" />
>        <property name="requireAllQueryAttributes" value="true" /> <!--
> NOTE(review): with this set to true the LDAP query is presumably run only
> when every key of queryAttributeMapping is present in the lookup. If CAS
> supplies only the username, the uid, displayName and sn entries below would
> keep the query from running and no attributes would come back. Verify
> against the person-directory documentation. -->
>
>        <property name="queryAttributeMapping">
>                <map>
>                        <entry key="username" value="ENTPersonLogin" />
>                        <entry key="uid" value="uid" />
>                        <entry key="displayName" value="displayName" />
>                        <entry key="sn" value="sn" />
>                </map>
>        </property>
>
>        <property name="resultAttributeMapping"> <!-- five attributes are
> mapped here; the registered service in this file lists only sn, uid and
> displayName in allowedAttributes -->
>                <map>
>                        <entry key="givenName" value="givenName"/>
>                        <entry key="distinguishedName"
> value="distinguishedName" />
>                        <entry key="sn" value="sn" />
>                        <entry key="uid" value="uid" />
>                        <entry key="displayName" value="displayName" />
>                </map>
>        </property>
>
> </bean>
>
> <bean
>        id="serviceRegistryDao"
>        class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> <!--
> In-memory registry with a single registered service, "App1". -->
>        <property name="registeredServices">
>                <list>
>
>                        <bean
>
> class="org.jasig.cas.services.RegisteredServiceImpl"
>                                p:id="5"
>                                p:description="App1"
>                                p:serviceId="*://*.domain.int:*/**"
>                                p:name="App1"
>                                p:theme="default"
>                                p:allowedToProxy="true"
>                                p:enabled="true"
>                                p:ssoEnabled="true"
>                                p:anonymousAccess="false"> <!-- NOTE(review):
> the serviceId pattern accepts any scheme, any host under domain.int and any
> port, so plain-http URLs match as well, and allowedToProxy is enabled for
> everything it matches. Narrowing the pattern to https and the known hosts
> limits where tickets and attributes can be sent. -->
>                                <property name="allowedAttributes"
> value="sn,uid,displayName"/> <!-- only these three attribute names are
> listed for release to this service -->
>            </bean>
>
>                </list>
>        </property>
> </bean>
>
> </beans>
> <!--
> ########################################################################################################################################
> -->
>
>
> Thank you very much in advance.
>
> Regards
>
> Marc
>
