I would like to know if you found a Guide on how to get CAS 5.0 working
with the SAML 1.1 setting as a step by step guide. I can get auth working
but haven't had any luck with Saml 1.1 attribute release. We are migrating
from CAS 3.5.2 to CAS 5.0 and I feel CAS 5.0 is seriously lacking
documentation that was present with CAS 3.5.x.
On Friday, February 10, 2017 at 6:03:28 PM UTC-6, Tim McLaughlin wrote:
>
> Hello,
>
>
>
> I've been tasked with converting our CAS 4.1.x install to 5.0.x. I've
> authenticating against our local AD server, and I think I have it reading
> the JSON service definitions. However, it doesn't appear to be releasing
> "extra" attributes using the "attributeReleasePolicy" document in the JSON
> service document.
>
>
>
> Specifically:
>
> {
>
> "@class" : "org.apereo.cas.services.RegexRegisteredService",
>
> "serviceId" : "testid",
>
> "name" : "testid",
>
> "id" : 0,
>
> "evaluationOrder" : 0,
>
> "description" : "Testing Service",
>
> "attributeReleasePolicy" : {
>
> "@class" :
> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
>
> "allowedAttributes" : [
>
> "java.util.ArrayList",
>
> [
>
> "UDC_IDENTIFIER"
>
> ]
>
> ]
>
> }
>
> }
>
>
>
> I would expect to see "UDC_IDENTIFIER" in the <cas:serviceResponse> for
> that serviceId, as that works in 4.1.10, but it isn't there. The only
> thing I've modified between the two CAS versions is the classpath
> s/jasig/apereo/.
>
>
>
> The UDC_IDENTIFIER is a "mapped" name for an extensionAttribute in our
> AD. I can't find documentation on how to do that in 5.0.x, but from the
> example it looks like perhaps this is the way:
>
>
> cas.authn.ldap[0].principalAttributeList=sAMAccountName,userPrincipalName,sn,givenName,extensionAttribute2:UDC_IDENTIFIER
>
>
>
> Under 4.1.10 I am using a principalAttributeMap but all of the
> configuration around the LDAP principal is different.
>
>
>
> Is there any doc that will walk me through what's necessary to set this up
> in CAS 5.0.x?
>
>
>
> Thank you,
>
> Tim McLaughlin
>
>
>
> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected] <javascript:>.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/94FCBC0F-A729-42AD-8BBC-A8406A8722A5%40wwu.edu
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/94FCBC0F-A729-42AD-8BBC-A8406A8722A5%40wwu.edu?utm_medium=email&utm_source=footer>
> .
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/89eed342-f09d-4532-9c99-b32449886710%40googlegroups.com.
