Sebastien,
To see what is happening on CAS side, put this in your CAS log config:
<!-- DEBUG Resolved service [limited details about service]
Located registered service definition [service details] -->
<AsyncLogger name="org.apereo.cas.DefaultCentralAuthenticationService"
level="debug" />
<!-- DEBUG Found principal attributes [...] for [username]
Attribute policy [???] allows release of [...] for [username]
Final collection of attributes allowed are: [...] -->
<AsyncLogger
name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy"
level="debug"/>
<!-- turn on all service debugging -->
<AsyncLogger name="org.apereo.cas.services" level="debug"/>
Have you configured LDAP to release those attributes?
Ray
On Wed, 2018-01-10 at 06:11 -0800, Sébastien Ragons wrote:
Hello,
I am trying to get attribute from LDAP but with no success since days.
So i tried a basic configuration but it doesnt work.
My basic configuration:
# Authentification LDAP
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldap://frparantgaga:389/
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].useStartTls=false
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].baseDn=o=antalis
cas.authn.ldap[0].userFilter=(|(uid={user})(mail={user}))
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=true
# Credential to connect to LDAP
cas.authn.ldap[0].bindDn=cn=root,o=antalis
cas.authn.ldap[0].bindCredential=passwd
# authentication-attributes
cas.authn.ldap[0].principalAttributeList=sn,cn,mail,description
cas.authn.attributeRepository.attributes.sn=sn
cas.authn.attributeRepository.attributes.cn=cn
cas.authn.attributeRepository.attributes.mail=mail
cas.authn.attributeRepository.attributes.description=description
I configured my service to get all attributes
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : ".*",
"name" : "Service 3 avec theme 2",
"theme" : "theme2",
"id" : 3,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
}
}
Client side the principal doesnt contain none of the configured attributes.
CAS server's logs seem to indicate that there is no attribute to release:
.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes
[{}] for [[email protected]]>
I'm aware about the article on the blog about attributes:
https://apereo.github.io/2017/02/22/cas51-dbauthn-tutorial/
I've consulted several questions about this topic on this group.
I dont understand why it doesnt work.
Could you help me ?
Thank you
Sebastien
--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1515601831.1878.100.camel%40uvic.ca.
