Since I'm the only "David" I see in this thread I assume you're asking me... but I'm not sure I understand the question. Where are you putting the JSON that you're expecting CAS to consume it and then spit it out in a SAML response?
Normally, CAS will get the attributes from whatever repositories you configure it to use, and take care of putting them into the response itself; you don't have to specify any JSON. As far as I know, multi-valued attributes should work just fine with that. The JSON I provided back earlier in this thread was in a service registry definition to show how to rename attributes, not provide their values. --Dave -- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* THE NEW SCHOOL • INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • [email protected] On Fri, Nov 16, 2018 at 10:08 AM Willian Gonzales <[email protected]> wrote: > Hi David! > > i'm praying that you see my question now because i really need your help. > I want to thank you because you really helped me showing the .json > configurattion. > But i need some help on this. > > How do i manage to do a multi value attribute on json. > I need the SAML response to be like this > > <Attribute Name="attribute"> <AttributeValue>1</AttributeValue> < > AttributeValue>2</AttributeValue> <AttributeValue>3</AttributeValue> </ > Attribute> > > Can you help me on this man? > > Regards > > Em quarta-feira, 16 de maio de 2018 11:49:10 UTC-3, David Curry escreveu: >> >> >> >> Here's a JSON definition for an Apache HTTPD with the Shibboleth >> mod_shib/shibd plug-in: >> >> { >> "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService", >> "serviceId" : "https://casdev-samlsp.newschool.edu/shibboleth";, >> "name" : "Apache Secured By SAML", >> "id" : 1509030300, >> "description" : "CAS development Apache mod_shib/shibd server with >> username/password protection", >> "metadataLocation" : " >> https://casdev-samlsp.newschool.edu/Shibboleth.sso/Metadata";, >> "attributeReleasePolicy" : { >> "@class" : >> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >> "allowedAttributes" : { >> "@class" : "java.util.TreeMap", >> "cn" : "urn:oid:2.5.4.3", >> "displayName" : "urn:oid:2.16.840.1.113730.3.1.241", >> "givenName" : "urn:oid:2.5.4.42", >> "mail" : "urn:oid:0.9.2342.19200300.100.1.3", >> "role" : "urn:newschool:attribute-def:role", >> "sn" : "urn:oid:2.5.4.4", >> "uid" : "urn:oid:0.9.2342.19200300.100.1.1", >> "UDC_IDENTIFIER": "urn:newschool:attribute-def:UDC_IDENTIFIER" >> } >> }, >> "evaluationOrder" : 1125 >> } >> >> But if your SP doesn't care about the funky notation, you can just do it >> the "regular" way... here's a definition for a test SP created via RSA's >> free IAMShowcase site (this is a cut-down copy of the entire registry entry >> to show the part you're interested in): >> >> { >> "serviceId": "IAMShowcase", >> "name": "RSA SAML Test Service Provider", >> "theme": null, >> "informationUrl": null, >> "privacyUrl": null, >> "id": 1202469081, >> "description": "The URL for the SP that talks to this service is >> https://sptest.iamshowcase.com/ixs?idp=<snip>", >> "evaluationOrder": -1, >> "attributeReleasePolicy": { >> "@class": >> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", >> "allowedAttributes": [ >> "displayName", >> "givenName", >> "sn", >> "uid" >> ] >> } >> } >> >> >> --Dave >> >> >> >> >> >> -- >> >> DAVID A. CURRY, CISSP >> *DIRECTOR OF INFORMATION SECURITY* >> INFORMATION TECHNOLOGY >> >> 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 >> +1 212 229-5300 x4728 • [email protected] >> >> [image: The New School] >> >> On Wed, May 16, 2018 at 9:07 AM, John D Giotta <[email protected]> wrote: >> >>> Do you have an example of this? >>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/3a71f33b-cc77-4c2a-be89-b712229a227a%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/b357bdfc-3d90-471a-88df-fb1507cd59fb%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/b357bdfc-3d90-471a-88df-fb1507cd59fb%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAOV_bpeoVfnGmA%2BHX%3DRjriu%2B%2BS-bnLTOdAeVi_f9uP1ZA%40mail.gmail.com.
