Hello, I’m working on an upgrade from 3.5.3 to current stable (4.2.6) version and trying to get clearPass working using the new method (attribute in the validation response).
I followed the documentation (https://apereo.github.io/cas/4.2.x/integration/ClearPass.html <https://apereo.github.io/cas/4.2.x/integration/ClearPass.html>) but I can’t get credentials in returned attributes. On the Server logs I have : 2016-10-25 20:10:49,980 DEBUG [org.jasig.cas.web.v3.V3ServiceValidateController] - <Successfully validated service ticket ST-1-agVDTGIZtdndmucvcFPj-cas.test.fr for service [https://www.test.fr/owa/]> 2016-10-25 20:10:49,988 DEBUG [org.jasig.cas.web.view.Cas30ResponseView$Success] - <Preparing the output model to render view...> 2016-10-25 20:10:49,998 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <Starting to encode attributes for release to service [https://www.test.fr/owa/]> 2016-10-25 20:10:50,000 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[credential] is not available as a cached model attribute to encrypt...> 2016-10-25 20:10:50,001 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[proxyGrantingTicket] is not available as a cached model attribute to encrypt...> 2016-10-25 20:10:50,009 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[3] Encoded attributes are available for release to [https://www.test.fr/owa/]> The service, as said in the documentation, is defined with : "attributeReleasePolicy" : { "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", "principalAttributesRepository" : { "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, "authorizedToReleaseCredentialPassword" : true, "authorizedToReleaseProxyGrantingTicket" : false }, "publicKey" : { "@class" : "org.jasig.cas.services.RegisteredServicePublicKeyImpl", "location" : "classpath:clearPass-test-pub.key", "algorithm" : "RSA" } The public key « clearPass-test-pub.key » is in the WEB-INF/classes directory. For tests, I’m using phpCAS 1.3.4 with these snippet : phpCAS::client(CAS_VERSION_3_0, $cas_host, $cas_port, $cas_context); phpCAS::setCasServerCACert($cas_server_ca_cert_path); phpCAS::forceAuthentication(); $username = phpCAS::getUser(); // And list attributes retrieved by foreach (phpCAS::getAttributes() { blablabla } Listing attributes returned with phpCAS only give : authenticationDate isFromNewLogin longTermAuthenticationRequestTokenUsed Where could be my mistake ? Thank you ! -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/F561E3EF-19EE-46EF-8F48-53FF7B950B2E%40univ-lyon1.fr.
smime.p7s
Description: S/MIME cryptographic signature
