Gunny,
This is what I have for 3.5.2.1:
<!--
https://wiki.jasig.org/display/casum/attributes#Attributes-Configuringmulti-valuedkeysupportforattributes
-->
<!-- multi-valued key support for the myPersonId attribute -->
<util:set id="spridenIdSet">
<value>UDC_IDENTIFIER</value>
<value>uvicEduPersonSpridenID</value>
</util:set>
<!--
Bean that defines the attributes that a service may return.
-->
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="contextSource" ref="contextSource" />
<property name="baseDN" value="dc=uvic,dc=ca" />
<!-- <property name="baseDN" value="${ldap-people-base-dn}" /> -->
<!--
Attribute mapping between principal (key) and LDAP (value) names
used to perform the LDAP search. By default, multiple search criteria
are ANDed together. Set the queryType property to change to OR.
-->
<property name="queryAttributeMapping">
<map>
<entry key="username" value="uid" />
</map>
</property><!-- -->
<property name="resultAttributeMapping">
<map>
<!-- Mapping between LDAP entry attributes (key) and Principal's
(value) -->
<entry key="uvicEduPersonSpridenID" value-ref="spridenIdSet"/>
<entry key="UDC_IDENTIFIER" value-ref="spridenIdSet"/>
<entry key="uvicEduPersonNetLinkContactUpdateTimestamp"
value="contactUpdateTimestamp" />
</map>
</property>
</bean>
Ray
On Wed, 2017-10-04 at 06:47 -0700, Gunny Kc wrote:
Hi Linda
I have been facing the same problem with CAS 3.4.12.1 version; can you give me
some insight?
In our LDAP, instead of UDC_IDENTIFER, we have an uid (attribute name) that
holds and UDCID got generated by IDEU. Is this really important to have a
UDC_IDENTIFER as an attribute in LDAP? Please suggest.
On Saturday, March 4, 2017 at 12:07:42 AM UTC+3, lttoth wrote:
Before I waste your time, did you successfully configure Ellucian in previous
CAS versions? If you did, then there are substantial changes is the
configuration format between older versions and now, so what I have won't help
you.
If this is your first integration, I can at least show you the phrasing we used
for integration between our LDAP and Ellucian, but our version is well behind
5.x.
Linda Toth
University of Alaska - Office of Information Technology (OIT) - Identity and
Access Management
910 Yukon Drive, Suite 103
Fairbanks, Alaska 99775
Tel: 907-450-8320
Fax: 907-450-8381
[email protected]<javascript:> |
www.alaska.edu/oit/<http://www.alaska.edu/oit/>
On Tue, Feb 21, 2017 at 11:08 AM, Daniel <[email protected]<javascript:>> wrote:
I am sure we are missing some property.
We need to release the displayName attribute from ldap as the udc_identifier
attribute in SAML.
Can anyone suggest what we are missing? or any steps we can take to get better
results from logs?
On Wednesday, February 15, 2017 at 1:56:10 PM UTC-5, Daniel wrote:
Greetings,
We are currently attempting to get our CAS instance to work with our new Banner
SSO Manager instance.
When we attempt to log in, we receive the following error:
com.ellucian.sso.exception.ApplicationException: UDC Id not available
from the ellucian product.
We have configured our cas.properties as follows:
-----------------------------
...
cas.authn.accept.users=
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://127.0.0.1/<http://127.0.0.1/>
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=dc=xxxxxxxxxxxxx
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=false
cas.authn.ldap[0].bindDn=xxxxxxxxxxxxx
cas.authn.ldap[0].bindCredential=xxxxxxxxxxxxx
cas.authn.ldap[0].principalAttributeId=displayName
cas.authn.ldap[0].principalAttributePassword=
cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
cas.authn.ldap[0].additionalAttributes=sn,cn
##CAS Attribute Repository
cas.authn.attributeRepository.defaultAttributesToRelease=sn,cn,displayName,UDC_IDENTIFIER
cas.authn.attributeRepository.ldap.ldapUrl=ldap://127.0.0.1/<http://127.0.0.1/>
cas.authn.attributeRepository.ldap.useSsl=false
cas.authn.attributeRepository.ldap.baseDn=xxxxxxxxxxxxxxxxxxxx
cas.authn.attributeRepository.ldap.userFilter=uid={0}
cas.authn.attributeRepository.ldap.bindDn=xxxxxxxxxxxxxxxxxx
cas.authn.attributeRepository.ldap.bindCredential=xxxxxxxxxxx
cas.authn.attributeRepository.attributes.cn<http://cas.authn.attributeRepository.attributes.cn>=cn
cas.authn.attributeRepository.attributes.sn<http://cas.authn.attributeRepository.attributes.sn>=sn
cas.authn.attributeRepository.attributes.displayName=displayName
cas.authn.attributeRepository.attributes.UDC_IDENTIFIER=displayName
...
-----------------------
Can someone please give us some guidance on troubleshooting this issue?
Thank you,
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected]<javascript:>.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/38688dbb-0bc6-459e-9975-18befa0cb819%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/38688dbb-0bc6-459e-9975-18befa0cb819%40apereo.org?utm_medium=email&utm_source=footer>.
--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1507131661.1689.9.camel%40uvic.ca.
