[cas-user] Re: get my attributes from ldap in CAS 4.2.6

Thu, 02 Feb 2017 06:56:47 -0800 

I see you are using the json service registry.  You will need to provide a 
list of allowedAttributes for the attributeReleasePolicy in each service 
file. This allows different attributes to be returned for different 
services.

Hope that helps,
Melissa


On Wednesday, February 1, 2017 at 7:15:40 AM UTC-5, z mortazavi wrote:
>
> Hi,
>
> I setup jasig-cas-4.2.6 and I can login successful in cas-side but in my 
> client I get login successful but phpCAS::getAttributes() no return my 
> attribute such as mail and givenName
>
> deployerConfigContext.xml is:
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <beans xmlns="http://www.springframework.org/schema/beans";
>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>        xmlns:context="http://www.springframework.org/schema/context";
>        xmlns:p="http://www.springframework.org/schema/p";
>        xmlns:c="http://www.springframework.org/schema/c";
>        xmlns:aop="http://www.springframework.org/schema/aop";
>        xmlns:tx="http://www.springframework.org/schema/tx";
>        xmlns:util="http://www.springframework.org/schema/util";
>        xmlns:sec="http://www.springframework.org/schema/security";
>        xmlns:ldaptive="http://www.ldaptive.org/schema/spring-ext";
>        xsi:schemaLocation="http://www.springframework.org/schema/beans 
> http://www.springframework.org/schema/beans/spring-beans.xsd
>
>
>        http://www.springframework.org/schema/tx 
> http://www.springframework.org/schema/tx/spring-tx.xsd
>
>        http://www.springframework.org/schema/aop 
> http://www.springframework.org/schema/aop/spring-aop.xsd
>        http://www.springframework.org/schema/context 
> http://www.springframework.org/schema/context/spring-context.xsd
>        http://www.springframework.org/schema/security 
> http://www.springframework.org/schema/security/spring-security.xsd
>        http://www.springframework.org/schema/util 
> http://www.springframework.org/schema/util/spring-util.xsd
>        http://www.ldaptive.org/schema/spring-ext 
> http://www.ldaptive.org/schema/spring-ext.xsd";>
>     
>      
>     <bean id="ldapAuthenticationHandler"         
> class="org.jasig.cas.authentication.LdapAuthenticationHandler"
>      
>       c:authenticator-ref="authenticator"> 
>     <property name="principalAttributeMap">
>         <map>
>     
>     <entry key="givenName" value="firstName"/>
>      <entry key="mail" value="email"/>
>     
>         </map>
>     </property> 
>     </bean>
>     
>     
>     
>     
>     <util:map id="authenticationHandlersResolvers">
>         <entry key-ref="proxyAuthenticationHandler" 
> value-ref="proxyPrincipalResolver" />
>            <entry key-ref="ldapAuthenticationHandler" value="#{null}" />
>
>     </util:map>
>     
>     
>     <util:list id="authenticationMetadataPopulators">
>         <ref bean="successfulHandlerMetaDataPopulator" />
>         <ref bean="rememberMeAuthenticationMetaDataPopulator" />
>     </util:list>
>         
>         
>         
>     <alias name="acceptUsersAuthenticationHandler" 
> alias="primaryAuthenticationHandler" />
>     <alias name="personDirectoryPrincipalResolver" 
> alias="primaryPrincipalResolver" />
>
>     <bean id="attributeRepository" 
> class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
>           p:backingMap-ref="attrRepoBackingMap" />
>
>     <util:map id="attrRepoBackingMap">
>  
>     
>     <entry key="givenName" value="firstName"/>
>     <entry key="mail" value="email"/>
>    
>       
>         <entry>
>             <key><value>memberOf</value></key>
>             <list>
>                 <value>faculty</value>
>                 <value>staff</value>
>                 <value>org</value>
>             </list>
>         </entry>
>     </util:map> 
>
>     
>     <alias name="serviceThemeResolver" alias="themeResolver" />
>
>     <alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />
>
>     <alias name="defaultTicketRegistry" alias="ticketRegistry" />
>     
>     <alias name="ticketGrantingTicketExpirationPolicy" 
> alias="grantingTicketExpirationPolicy" />
>     <alias name="multiTimeUseOrTimeoutExpirationPolicy" 
> alias="serviceTicketExpirationPolicy" />
>
>     <alias name="anyAuthenticationPolicy" alias="authenticationPolicy" />
>     <alias name="acceptAnyAuthenticationPolicyFactory" 
> alias="authenticationPolicyFactory" />
>
>     <bean id="auditTrailManager"
>           
> class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager"
>           p:entrySeparator="${cas.audit.singleline.separator:|}"
>           p:useSingleLine="${cas.audit.singleline:false}"/>
>
>     <alias name="neverThrottle" alias="authenticationThrottle" />
>
>     <util:list id="monitorsList">
>         <ref bean="memoryMonitor" />
>         <ref bean="sessionMonitor" />
>     </util:list>
>
>     <alias name="defaultPrincipalFactory" alias="principalFactory" />
>     <alias name="defaultAuthenticationTransactionManager" 
> alias="authenticationTransactionManager" />
>     <alias name="defaultPrincipalElectionStrategy" 
> alias="principalElectionStrategy" />
>     <alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor" />
>     
>
>     
> <bean id="serviceRegistryDao"
>       class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"
>       p:registeredServices-ref="registeredServicesList" />
>     
>
>
>     <util:list id="registeredServicesList">
>         <bean class="org.jasig.cas.services.RegexRegisteredService"
>           p:id="1"
>           p:name="sso"
>           p:serviceId="^(https?|imaps?|http?)://.*"
>           p:description="sso cas"
>           p:evaluationOrder="0" >
>   
>    
>  <property name="attributeReleasePolicy">
>     <bean 
> class="org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy">
>         <property name="allowedAttributes">
>     
>
>                      
>                 <list>
>                     <value>mail</value>
>                     <value>givenName</value>
>                     
>
>                 </list> 
>     </property>
>     </bean>
>     
>         </property>
>
>         </bean>
>   
>
>     </util:list>    
>
>     
>             
>         <ldaptive:ad-authenticator id="authenticator"
>             
>         ldapUrl="xxxx"
>         baseDn="xxxxxx"
>         userFilter="xx"
>         bindDn="xxxxx"
>            bindCredential="xxxxxxxx"
>         connectTimeout="5000"
>         useStartTLS="false"
>         blockWaitTime="3000"
>         maxPoolSize="10"
>         allowMultipleDns="false"
>         minPoolSize="1"
>         validateOnCheckOut="false"
>         validatePeriodically="true"
>         validatePeriod="300"
>         idleTime="600"
>         prunePeriod="300"
>         failFastInitialize="false"
>         subtreeSearch="true"
>         useSSL="false"
>
> />
>         
> </beans>
>
>
>
> does need i change HTTPSandIMAPS-10000001.json  file for 
> ReturnAllowedAttributeReleasePolicy??
> is any help?
> thanks in advaned
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a8080200-897e-471f-8ceb-e679d4de49e7%40apereo.org.

Reply via email to