Since I'm the only "David" I see in this thread I assume you're asking
me... but I'm not sure I understand the question. Where are you putting the
JSON that you're expecting CAS to consume it and then spit it out in a SAML
response?

Normally, CAS will get the attributes from whatever repositories you
configure it to use, and take care of putting them into the response
itself; you don't have to specify any JSON. As far as I know, multi-valued
attributes should work just fine with that.

The JSON I provided back earlier in this thread was in a service registry
definition to show how to rename attributes, not provide their values.

--Dave

--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
THE NEW SCHOOL • INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu


On Fri, Nov 16, 2018 at 10:08 AM Willian Gonzales <etrust...@gmail.com>
wrote:

> Hi David!
>
> i'm praying that you see my question now because i really need your help.
> I want to thank you because you really helped me showing the .json
> configurattion.
> But i need some help on this.
>
> How do i manage to do a multi value attribute on json.
> I need the SAML response to be like this
>
> <Attribute Name="attribute"> <AttributeValue>1</AttributeValue> <
> AttributeValue>2</AttributeValue> <AttributeValue>3</AttributeValue> </
> Attribute>
>
> Can you help me on this man?
>
> Regards
>
> Em quarta-feira, 16 de maio de 2018 11:49:10 UTC-3, David Curry escreveu:
>>
>>
>>
>> Here's a JSON definition for an Apache HTTPD with the Shibboleth
>> mod_shib/shibd plug-in:
>>
>> {
>>   "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
>>   "serviceId" : "https://casdev-samlsp.newschool.edu/shibboleth";,
>>   "name" : "Apache Secured By SAML",
>>   "id" : 1509030300,
>>   "description" : "CAS development Apache mod_shib/shibd server with
>> username/password protection",
>>   "metadataLocation" : "
>> https://casdev-samlsp.newschool.edu/Shibboleth.sso/Metadata";,
>>   "attributeReleasePolicy" : {
>>     "@class" :
>> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
>>     "allowedAttributes" : {
>>       "@class" : "java.util.TreeMap",
>>       "cn" : "urn:oid:2.5.4.3",
>>       "displayName" : "urn:oid:2.16.840.1.113730.3.1.241",
>>       "givenName" : "urn:oid:2.5.4.42",
>>       "mail" : "urn:oid:0.9.2342.19200300.100.1.3",
>>       "role" : "urn:newschool:attribute-def:role",
>>       "sn" : "urn:oid:2.5.4.4",
>>       "uid" : "urn:oid:0.9.2342.19200300.100.1.1",
>>       "UDC_IDENTIFIER": "urn:newschool:attribute-def:UDC_IDENTIFIER"
>>     }
>>   },
>>   "evaluationOrder" : 1125
>> }
>>
>> But if your SP doesn't care about the funky notation, you can just do it
>> the "regular" way... here's a definition for a test SP created via RSA's
>> free IAMShowcase site (this is a cut-down copy of the entire registry entry
>> to show the part you're interested in):
>>
>> {
>>     "serviceId": "IAMShowcase",
>>     "name": "RSA SAML Test Service Provider",
>>     "theme": null,
>>     "informationUrl": null,
>>     "privacyUrl": null,
>>     "id": 1202469081,
>>     "description": "The URL for the SP that talks to this service is
>> https://sptest.iamshowcase.com/ixs?idp=<snip>",
>>     "evaluationOrder": -1,
>>     "attributeReleasePolicy": {
>>         "@class":
>> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
>>         "allowedAttributes": [
>>             "displayName",
>>             "givenName",
>>             "sn",
>>             "uid"
>>         ]
>>     }
>> }
>>
>>
>> --Dave
>>
>>
>>
>>
>>
>> --
>>
>> DAVID A. CURRY, CISSP
>> *DIRECTOR OF INFORMATION SECURITY*
>> INFORMATION TECHNOLOGY
>>
>> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
>> +1 212 229-5300 x4728 • david.cu...@newschool.edu
>>
>> [image: The New School]
>>
>> On Wed, May 16, 2018 at 9:07 AM, John D Giotta <jdgi...@gmail.com> wrote:
>>
>>> Do you have an example of this?
>>>
>>> --
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> ---
>>> You received this message because you are subscribed to the Google
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to cas-user+u...@apereo.org.
>>> To view this discussion on the web visit
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org
>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org?utm_medium=email&utm_source=footer>
>>> .
>>>
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/b357bdfc-3d90-471a-88df-fb1507cd59fb%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/b357bdfc-3d90-471a-88df-fb1507cd59fb%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOV_bpeoVfnGmA%2BHX%3DRjriu%2B%2BS-bnLTOdAeVi_f9uP1ZA%40mail.gmail.com.

Reply via email to