Hi, As far as I remember, CAS 2.0 protocol does not return attributes, but you can validate service tickets through SAML 1.1 endpoint which returns attributes.
Regards. Le 15/09/2016 à 10:09, jordi tomas a écrit : > Hi Misagh, > thanks a lot, but I see this html > (https://apereo.github.io/cas/4.1.x/protocol/CAS-Protocol-Specification.html), > and I'm not sure that 2.0 protocol return attributes. > Jordi > > > El dijous, 15 setembre de 2016 9:13:22 UTC+2, jordi tomas va escriure: > > Hi, > > > > We are new on CAS Server, and we install version 4.1.5. I have > problems with return attributes. I use *cas-sample-java-webapp* > application to test it. It works ok, but on web.xml: > > > > - When I put > > <filter-class>org.jasig.cas.client.validation.*Cas30ProxyReceivingTicketValidationFilter*</filter-class> > it works ok, and return attributes. > > - When I put > > <filter-class>org.jasig.cas.client.validation.*Cas20ProxyReceivingTicketValidationFilter*</filter-class> > only can validate, but not return attributes. > > > > My CAS validate with LDAP. On deployerConfigContext.xml I have: > > > > <entry key-ref="ldapAuthenticationHandler" value="#{null}" /> > > > > And then… > > > > <bean id="ldapAuthenticationHandler" > > > class="org.jasig.cas.authentication.LdapAuthenticationHandler" > init-method="initialize" > > p:principalIdAttribute="uid" > > c:authenticator-ref="authenticator"> > > <property name="principalAttributeMap"> > > <map> > > <!-- > > | This map provides a simple attribute resolution > mechanism. > > | Keys are LDAP attribute names, values are CAS > attribute names. > > | Use this facility instead of a PrincipalResolver > if LDAP is > > | the only attribute source. > > --> > > <entry key="cn" value="cn" /> > > <entry key="givenname" value="givenname" /> > > <entry key="sn" value="sn" /> > > <entry key="mail" value="mail" /> > > </map> > > </property> > > </bean> > > > > And on JSON services: > > > > { > > "@class" : "org.jasig.cas.services.RegexRegisteredService", > > "serviceId" : "xxxxxxxxxxxx/cas-sample-java-webapp/*", > > "name" : "Test Application", > > "id" : 10000002, > > "description" : "", > > "evaluationOrder" : 1002, > > "usernameAttributeProvider" : { > > "@class" : > "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" > > }, > > "logoutType" : "BACK_CHANNEL", > > "attributeReleasePolicy" : { > > "@class" : > "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", > > "allowedAttributes" : [ "java.util.ArrayList", [ "cn", "mail", > "sn", "givenname”] ] > > }, > > "accessStrategy" : { > > "@class" : > "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", > > "enabled" : true, > > "ssoEnabled" : true > > }, > > "proxyPolicy" : { > > "@class" : > "org.jasig.cas.services.RegexMatchingRegisteredServiceProxyPolicy", > > "pattern" : "^https://.*" > > } > > } > > > Can CAS 2.0 protocol return attributes ? or I have something wrong ? > > > Thanks in Advance, > > <w:LsdException Locked="false" Pr > > -- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to cas-user+unsubscr...@apereo.org > <mailto:cas-user+unsubscr...@apereo.org>. > To post to this group, send email to cas-user@apereo.org > <mailto:cas-user@apereo.org>. > Visit this group at > https://groups.google.com/a/apereo.org/group/cas-user/. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/0faf8db9-abea-47b4-854c-d7f16e1df46a%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/0faf8db9-abea-47b4-854c-d7f16e1df46a%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To post to this group, send email to cas-user@apereo.org. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5fa0ca3c-2289-5cf4-c96e-81a70dd44859%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
smime.p7s
Description: Signature cryptographique S/MIME