Are you solely creating services through the CAS management application? I know I ran into some weird behavior when I was inserting service definitions outside of the management app. I also ran into some funky behavior when multiple service definitions had the same ID.
On Sunday, March 18, 2018 at 6:05:05 PM UTC-5, Jeffrey Ramsay wrote: > > All - > > I'm hoping someone can help me to resolve this problem. I'm running CAS > 5.1.8 using a jdbc service registry which is not displaying the rejected > attributes set for the defined services. Access to the service is denied as > expected however, the only way to see what was set is by viewing the logs. > Also, there's no way to delete the attribute because it's not visible > through the cas management application; I've had to delete and recreate the > service to clear it. > > 2018-03-18 18:58:08,212 DEBUG > [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - > <[12] encoded attributes are available for release to [id=3,name=CAS > Client,description=CAS Client,serviceId=^ > https://home.catznet.science:2443/cas-client(/?|/.*)$,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme= > <null>,evaluationOrder=1,logoutType=NONE,attributeReleasePolicy=org.apereo.cas.services.ReturnAllAttributeReleasePolicy@7af77c01[attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@5651734a[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=<null>],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@758f4d16[enabled=true,ssoEnabled=true,requireAllAttributes=false,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false, > *rejectedAttributes={groupDeny*=*[]}]*,publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@5794ac9,logo=<null>,logoutUrl=<null>,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@19b9d72e[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>,bypassEnabled=false],informationUrl=<null>,privacyUrl=<null>,<null>]: > > [[firstname, isFromNewLogin, mail, authenticationDate, sAMAccountName, > successfulAuthenticationHandlers, cn, lastname, > samlAuthenticationStatementAuthMethod, UDC_IDENTIFIER, > authenticationMethod, longTermAuthenticationRequestTokenUsed]]> > > Thanks, > -Jeff > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/34c4ffb8-69f0-42e3-832d-789bdca16bda%40apereo.org.
