In our cas.properties, we also have: cas.personDirectory.principalAttribute=uid,mail cas.personDirectory.returnNull=false cas.personDirectory.principalResolutionFailureFatal=false
Hope this helps. On Wednesday, January 10, 2018 at 10:30:38 AM UTC-6, rbon wrote: > > Sebastien, > > To see what is happening on CAS side, put this in your CAS log config: > > <!-- DEBUG Resolved service [limited details about service] > Located registered service definition [service details] > --> > <AsyncLogger > name="org.apereo.cas.DefaultCentralAuthenticationService" level="debug" /> > <!-- DEBUG Found principal attributes [...] for [username] > Attribute policy [???] allows release of [...] for > [username] > Final collection of attributes allowed are: [...] --> > <AsyncLogger > name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy" > > level="debug"/> > > <!-- turn on all service debugging --> > <AsyncLogger name="org.apereo.cas.services" level="debug"/> > > Have you configured LDAP to release those attributes? > > Ray > > On Wed, 2018-01-10 at 06:11 -0800, Sébastien Ragons wrote: > > Hello, > > I am trying to get attribute from LDAP but with no success since days. > So i tried a basic configuration but it doesnt work. > > My basic configuration: > # Authentification LDAP > cas.authn.ldap[0].type=AUTHENTICATED > cas.authn.ldap[0].ldapUrl=ldap://frparantgaga:389/ > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=false > cas.authn.ldap[0].connectTimeout=5000 > cas.authn.ldap[0].baseDn=o=antalis > cas.authn.ldap[0].userFilter=(|(uid={user})(mail={user})) > cas.authn.ldap[0].subtreeSearch=true > cas.authn.ldap[0].usePasswordPolicy=true > > # Credential to connect to LDAP > cas.authn.ldap[0].bindDn=cn=root,o=antalis > cas.authn.ldap[0].bindCredential=passwd > > # authentication-attributes > cas.authn.ldap[0].principalAttributeList=sn,cn,mail,description > cas.authn.attributeRepository.attributes.sn=sn > cas.authn.attributeRepository.attributes.cn=cn > cas.authn.attributeRepository.attributes.mail=mail > cas.authn.attributeRepository.attributes.description=description > > > I configured my service to get all attributes > { > "@class" : "org.apereo.cas.services.RegexRegisteredService", > "serviceId" : ".*", > "name" : "Service 3 avec theme 2", > "theme" : "theme2", > "id" : 3, > "attributeReleasePolicy" : { > "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" > } > } > > > Client side the principal doesnt contain none of the configured attributes. > CAS server's logs seem to indicate that there is no attribute to release: > > .AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal > attributes [{}] for [[email protected] <javascript:>]> > > > > I'm aware about the article on the blog about attributes: > https://apereo.github.io/2017/02/22/cas51-dbauthn-tutorial/ > I've consulted several questions about this topic on this group. > I dont understand why it doesnt work. > > Could you help me ? > Thank you > > Sebastien > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] <javascript:> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2f817a19-2b89-4944-a3c7-794b773e7cad%40apereo.org.
