Re: [cas-user] Re: get my attributes from ldap in CAS 4.2.6

Tue, 14 Feb 2017 04:09:21 -0800 

this error accuers



2017-02-14 15:37:31,378 ERROR
[org.jasig.cas.authentication.LdapAuthenticationHandler] - <The principal
id attribute uid is not found. CAS cannot construct the final authenticated
principal if it's unable to locate the attribute that is designated as the
principal id. Attributes available are []>


 when  i set in deployerConfigContext.xml

<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
    p:principalIdAttribute="uid"
    c:authenticator-ref="authenticator">



On Tue, Feb 7, 2017 at 10:31 AM, z mortazavi <[email protected]> wrote:

> any help?
>
> On Thu, Feb 2, 2017 at 6:26 PM, Melissa Floyd <[email protected]> wrote:
>
>> I see you are using the json service registry.  You will need to provide
>> a list of allowedAttributes for the attributeReleasePolicy in each service
>> file. This allows different attributes to be returned for different
>> services.
>>
>> Hope that helps,
>> Melissa
>>
>>
>>
>> On Wednesday, February 1, 2017 at 7:15:40 AM UTC-5, z mortazavi wrote:
>>>
>>> Hi,
>>>
>>> I setup jasig-cas-4.2.6 and I can login successful in cas-side but in my
>>> client I get login successful but phpCAS::getAttributes() no return my
>>> attribute such as mail and givenName
>>>
>>> deployerConfigContext.xml is:
>>>
>>> <?xml version="1.0" encoding="UTF-8"?>
>>>
>>> <beans xmlns="http://www.springframework.org/schema/beans";
>>>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>>>        xmlns:context="http://www.springframework.org/schema/context";
>>>        xmlns:p="http://www.springframework.org/schema/p";
>>>        xmlns:c="http://www.springframework.org/schema/c";
>>>        xmlns:aop="http://www.springframework.org/schema/aop";
>>>        xmlns:tx="http://www.springframework.org/schema/tx";
>>>        xmlns:util="http://www.springframework.org/schema/util";
>>>        xmlns:sec="http://www.springframework.org/schema/security";
>>>        xmlns:ldaptive="http://www.ldaptive.org/schema/spring-ext";
>>>        xsi:schemaLocation="http://www.springframework.org/schema/beans
>>> http://www.springframework.org/schema/beans/spring-beans.xsd
>>>
>>>
>>>        http://www.springframework.org/schema/tx
>>> http://www.springframework.org/schema/tx/spring-tx.xsd
>>>
>>>        http://www.springframework.org/schema/aop
>>> http://www.springframework.org/schema/aop/spring-aop.xsd
>>>        http://www.springframework.org/schema/context
>>> http://www.springframework.org/schema/context/spring-context.xsd
>>>        http://www.springframework.org/schema/security
>>> http://www.springframework.org/schema/security/spring-security.xsd
>>>        http://www.springframework.org/schema/util
>>> http://www.springframework.org/schema/util/spring-util.xsd
>>>        http://www.ldaptive.org/schema/spring-ext
>>> http://www.ldaptive.org/schema/spring-ext.xsd";>
>>>
>>>
>>>     <bean id="ldapAuthenticationHandler"
>>> class="org.jasig.cas.authentication.LdapAuthenticationHandler"
>>>
>>>       c:authenticator-ref="authenticator">
>>>     <property name="principalAttributeMap">
>>>         <map>
>>>
>>>     <entry key="givenName" value="firstName"/>
>>>      <entry key="mail" value="email"/>
>>>
>>>         </map>
>>>     </property>
>>>     </bean>
>>>
>>>
>>>
>>>
>>>     <util:map id="authenticationHandlersResolvers">
>>>         <entry key-ref="proxyAuthenticationHandler"
>>> value-ref="proxyPrincipalResolver" />
>>>            <entry key-ref="ldapAuthenticationHandler" value="#{null}" />
>>>
>>>     </util:map>
>>>
>>>
>>>     <util:list id="authenticationMetadataPopulators">
>>>         <ref bean="successfulHandlerMetaDataPopulator" />
>>>         <ref bean="rememberMeAuthenticationMetaDataPopulator" />
>>>     </util:list>
>>>
>>>
>>>
>>>     <alias name="acceptUsersAuthenticationHandler"
>>> alias="primaryAuthenticationHandler" />
>>>     <alias name="personDirectoryPrincipalResolver"
>>> alias="primaryPrincipalResolver" />
>>>
>>>     <bean id="attributeRepository" class="org.jasig.services.pers
>>> ondir.support.NamedStubPersonAttributeDao"
>>>           p:backingMap-ref="attrRepoBackingMap" />
>>>
>>>     <util:map id="attrRepoBackingMap">
>>>
>>>
>>>     <entry key="givenName" value="firstName"/>
>>>     <entry key="mail" value="email"/>
>>>
>>>
>>>         <entry>
>>>             <key><value>memberOf</value></key>
>>>             <list>
>>>                 <value>faculty</value>
>>>                 <value>staff</value>
>>>                 <value>org</value>
>>>             </list>
>>>         </entry>
>>>     </util:map>
>>>
>>>
>>>     <alias name="serviceThemeResolver" alias="themeResolver" />
>>>
>>>     <alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />
>>>
>>>     <alias name="defaultTicketRegistry" alias="ticketRegistry" />
>>>
>>>     <alias name="ticketGrantingTicketExpirationPolicy"
>>> alias="grantingTicketExpirationPolicy" />
>>>     <alias name="multiTimeUseOrTimeoutExpirationPolicy"
>>> alias="serviceTicketExpirationPolicy" />
>>>
>>>     <alias name="anyAuthenticationPolicy" alias="authenticationPolicy" />
>>>     <alias name="acceptAnyAuthenticationPolicyFactory"
>>> alias="authenticationPolicyFactory" />
>>>
>>>     <bean id="auditTrailManager"
>>>           class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTra
>>> ilManager"
>>>           p:entrySeparator="${cas.audit.singleline.separator:|}"
>>>           p:useSingleLine="${cas.audit.singleline:false}"/>
>>>
>>>     <alias name="neverThrottle" alias="authenticationThrottle" />
>>>
>>>     <util:list id="monitorsList">
>>>         <ref bean="memoryMonitor" />
>>>         <ref bean="sessionMonitor" />
>>>     </util:list>
>>>
>>>     <alias name="defaultPrincipalFactory" alias="principalFactory" />
>>>     <alias name="defaultAuthenticationTransactionManager"
>>> alias="authenticationTransactionManager" />
>>>     <alias name="defaultPrincipalElectionStrategy"
>>> alias="principalElectionStrategy" />
>>>     <alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor"
>>> />
>>>
>>>
>>>
>>> <bean id="serviceRegistryDao"
>>>       class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"
>>>       p:registeredServices-ref="registeredServicesList" />
>>>
>>>
>>>
>>>     <util:list id="registeredServicesList">
>>>         <bean class="org.jasig.cas.services.RegexRegisteredService"
>>>           p:id="1"
>>>           p:name="sso"
>>>           p:serviceId="^(https?|imaps?|http?)://.*"
>>>           p:description="sso cas"
>>>           p:evaluationOrder="0" >
>>>
>>>
>>>  <property name="attributeReleasePolicy">
>>>     <bean class="org.jasig.cas.services.ReturnAllowedAttributeReleaseP
>>> olicy">
>>>         <property name="allowedAttributes">
>>>
>>>
>>>
>>>                 <list>
>>>                     <value>mail</value>
>>>                     <value>givenName</value>
>>>
>>>
>>>                 </list>
>>>     </property>
>>>     </bean>
>>>
>>>         </property>
>>>
>>>         </bean>
>>>
>>>
>>>     </util:list>
>>>
>>>
>>>
>>>         <ldaptive:ad-authenticator id="authenticator"
>>>
>>>         ldapUrl="xxxx"
>>>         baseDn="xxxxxx"
>>>         userFilter="xx"
>>>         bindDn="xxxxx"
>>>            bindCredential="xxxxxxxx"
>>>         connectTimeout="5000"
>>>         useStartTLS="false"
>>>         blockWaitTime="3000"
>>>         maxPoolSize="10"
>>>         allowMultipleDns="false"
>>>         minPoolSize="1"
>>>         validateOnCheckOut="false"
>>>         validatePeriodically="true"
>>>         validatePeriod="300"
>>>         idleTime="600"
>>>         prunePeriod="300"
>>>         failFastInitialize="false"
>>>         subtreeSearch="true"
>>>         useSSL="false"
>>>
>>> />
>>>
>>> </beans>
>>>
>>>
>>>
>>> does need i change HTTPSandIMAPS-10000001.json  file for
>>> ReturnAllowedAttributeReleasePolicy??
>>> is any help?
>>> thanks in advaned
>>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines: https://apereo.github.io/cas/M
>> ailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/a8080200-897e-471f-8ceb-e679d4de49
>> e7%40apereo.org
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a8080200-897e-471f-8ceb-e679d4de49e7%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>
>

-- 
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAErVME1ayi2EaRqAMPq%2B69s48OmDNx0gOJggLe9j4PhrE4FTAQ%40mail.gmail.com.

Reply via email to