You’re doing just fine. The mongo authN simply ignores the attributes as it assumed attributes are to be retrieved from separate attribute repository sources. Dima and I were just reviewing this actually, and are working on a change to ensure attributes produced by the authentication process can be merged/echoed back with attributes produced by separate repository sources, if any. This behavior/feature only exists for a certain number of authN schemes, not for all…and our goal is to make sure it works for every mode of authN regardless.
This will be fixed before RC1 goes out. --Misagh From: [email protected] [mailto:[email protected]] On Behalf Of Karl Banke Sent: Wednesday, June 28, 2017 8:28 AM To: CAS Community <[email protected]> Subject: [cas-user] Re: User Attributes for MongoDB Authentication not found (5.1.0) Now Using 5.2.0-RC1-SNAPSHOT for another reason. I debugged the login process. - The profile is created in by the profile creator called from the MongoAuthenticationHandler that extends AbstractWrapperAuthenticationHandler - As expected, the profile has two attributes last_name -> User, first_name -> Cas - This is then passed to create a new DefaultHandlerResult in the AbstractPac4jAuthenticationHandler - It then reaches the AbstractAuthenticationManager.authenticateAndResolvePrincipal as a Handler Result where the principal has the two attributes correctly set. - Here the resolvePrincipal method is called with the following attributes: handler: MongoAuthenticationHandler resolver: org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver credential: UsernamePasswordCredential principal: The aforementioned Principal After this call, the principal has no attributes left. Within the PersonDirectoryPrincipalResolver the method retrievePersonAttributes(principalId, credential) returns null, which makes sense, since there are none defined. The attribute list is obtained from the attributeRepository which is by default an instance of CachingPersonAttributeDaoImpl. There the person with the given id has no attributes assigned, since the only way it could have been loaded is by the process that now tries to resolves the attributes. Is there any other place where I have to declare what the possible attributes are?! -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected] <mailto:[email protected]> . To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/06b86984-c0a6-4f81-a0e5-ae56bc0100d3%40apereo.org <https://groups.google.com/a/apereo.org/d/msgid/cas-user/06b86984-c0a6-4f81-a0e5-ae56bc0100d3%40apereo.org?utm_medium=email&utm_source=footer> . -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/01bf01d2f026%24a9bbb400%24fd331c00%24%40unicon.net.
