[cas-user] SAML FriendlyName and Name using same value

Wed, 10 Jan 2018 13:29:19 -0800 

Hi all,

I'm pretty sure this is not a current feature of CAS 5.2.x, but I just 
wanted to ask this community if they found any way to do so by some config 
trickery.  If not, would the awesome CAS developers be interested in 
putting this on the list of future feature enhancements please?

So we're trying to use the saml idp of cas 5.2 to replace our shibboleth 
service.  Seems most SP's work but a few don't and unfortunately getting 
logs from vendors or technical insight is sometimes challenging.  But one 
distinct difference between the attributes shibboleth returns and cas IDP 
returns is that with cas, while you can specify the "return attribute x as 
name y" part, it's used for both the name and friendlyname values.

For example, in our config shibboleth returns the givenName like so:

        <saml2:Attribute *FriendlyName="givenName"*
*            Name="urn:oid:2.5.4.42" *
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue
                xmlns:xsd="http://www.w3.org/2001/XMLSchema";
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xsi:type="xsd:string">Jane</saml2:AttributeValue>
        </saml2:Attribute>


With Name="urn:oid:2.5.4.42" and FriendlyName="givenName".


In the cas service definition I can specify givenName should be returned as 
urn:oid:2.5.4.42, which is awesome, but the urn:oid... is used for both 
Name and FriendlyName values.


  attributeReleasePolicy:
  {
    @class: org.apereo.cas.services.ReturnMappedAttributeReleasePolicy
    allowedAttributes:
    {
      @class: java.util.TreeMap
      givenName: "urn:oid:2.5.4.42"
...............


        <saml2:Attribute *FriendlyName="urn:oid:2.5.4.42"*
*            Name="urn:oid:2.5.4.42" *
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue
                xmlns:xsd="http://www.w3.org/2001/XMLSchema";
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; 
xsi:type="xsd:string">Jane</saml2:AttributeValue>
        </saml2:Attribute>


Anyone know of a way to specify a different value for FriendlyName than 
Name?


Thanks,
William

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a58be248-9a81-4d24-a3b4-701eaf90c9e9%40apereo.org.

Reply via email to