Cas version is 6
Nothing changed , i got SamlResponse without new attributes Maybe i miss something понедельник, 3 июня 2019 г., 18:39:20 UTC+3 пользователь Matthew Uribe написал: > > Andrey, > > cn and mail are attributes from my LDAP that are being released to the SP. > Based on the Internet2 attribute release policy, firstName (givenName) > is urn:oid:2.5.4.42, while lastName (sn) is urn:oid:2.5.4.4 > https://www.internet2.edu/help/attribute-release-policy/ > > If your SP is looking for specific attributes, they may need to be mapped > according to this Internet2 standard. > > Hopefully that helps. > > On Monday, June 3, 2019 at 8:37:39 AM UTC-6, Andrey Seledkov wrote: >> >> I will try , but what is 'cn' and 'mail' here? >> >> For my task I need to put in SamlResponse fisrtName and lastName which I >> retrieved from database >> >> понедельник, 3 июня 2019 г., 17:00:20 UTC+3 пользователь Matthew Uribe >> написал: >>> >>> Andrey, >>> >>> I don't know what version of CAS you're on, but for me, on CAS 5.2.x, I >>> have the following json for one of our SPs: >>> >>> { >>> "@class" : >>> "org.apereo.cas.support.saml.services.SamlRegisteredService", >>> "serviceId" : "service-id-here", >>> "name" : "name-here", >>> "id" : 1001, >>> "metadataLocation" : "https://service.address/SAML/Metadata";, >>> "attributeReleasePolicy" : { >>> "@class" : >>> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >>> "allowedAttributes" : { >>> "@class" : "java.util.TreeMap", >>> "cn" : "urn:oid:2.5.4.3", >>> "mail" : "urn:oid:0.9.2342.19200300.100.1.3" >>> } >>> }, >>> "evaluationOrder" : 25 >>> } >>> >>> >>> Have you tried using the Attribute Resolution & Release feature in the >>> CAS Dashboard to see what is being released by CAS? >>> >>> Matt >>> >>> >>> On Monday, June 3, 2019 at 5:53:36 AM UTC-6, Andrey Seledkov wrote: >>>> >>>> Hi team. >>>> >>>> When I worked with with SAML between CAS as IDp and Keycloak as SP , i >>>> cannot add addition attribute like firstName, lastName >>>> >>>> my cas seetings >>>> >>>> cas.authn.attributeRepository.jdbc[0].singleRow=true >>>> cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true >>>> >>>> cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM ml_emp WHERE {0} >>>> cas.authn.attributeRepository.jdbc[0].username=USERNAME >>>> >>>> cas.authn.attributeRepository.jdbc[0].driverClass=oracle.jdbc.OracleDriver >>>> cas.authn.attributeRepository.jdbc[0].user=${DB_USERNAME} >>>> cas.authn.attributeRepository.jdbc[0].password=${DB_PASSWORD} >>>> cas.authn.attributeRepository.jdbc[0].url=${DB_URL} >>>> >>>> cas.authn.attributeRepository.jdbc[0].attributes.FIRST_NAME=firstName >>>> cas.authn.attributeRepository.jdbc[0].attributes.LAST_NAME=lastName >>>> >>>> my json file >>>> >>>> { >>>> "@class": >>>> "org.apereo.cas.support.saml.services.SamlRegisteredService", >>>> "serviceId": "service-id-here", >>>> "name": "name-here", >>>> "id": 10000010, >>>> "evaluationOrder": 1, >>>> "metadataLocation": "file:/etc/cas/saml/saml.xml", >>>> "attributeReleasePolicy": { >>>> "@class": >>>> "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", >>>> "allowedAttributes": [ >>>> "firstName", >>>> "lastName" >>>> ] >>>> } >>>> } >>>> >>>> >>>> But when i redirect to Keycloak I dont see any additional attributes >>>> in SAMLReponse, could you please assist >>>> >>>> >>>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/48af023f-c83a-429e-9348-fd2a00387ae5%40apereo.org.
