It start to work, when I ran it without Docker, locally
These attributes enough to retrieve data in SAMLReponse
#cas.authn.attributeRepository.jdbc[0].singleRow=true
#cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
#
#cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM ml_emp WHERE {0}
#cas.authn.attributeRepository.jdbc[0].username=USERNAME
#cas.authn.attributeRepository.jdbc[0].driverClass=oracle.jdbc.OracleDriver
#cas.authn.attributeRepository.jdbc[0].user=overlord
#cas.authn.attributeRepository.jdbc[0].password=n3fuF3xu
#cas.authn.attributeRepository.jdbc[0].url=
#cas.authn.attributeRepository.defaultAttributesToRelease=firstName,lastName
#
#cas.authn.attributeRepository.jdbc[0].attributes.FIRST_NAME=firstName
#cas.authn.attributeRepository.jdbc[0].attributes.LAST_NAME=lastName
But when I ran it over Docker - nothing
четверг, 6 июня 2019 г., 16:48:36 UTC+3 пользователь Matthew Uribe написал:
>
> Same as Andy, I have CAS 5 working as SAML IdP. But I assume there are
> others here doing so with CAS 6. In any case, I noticed in your log that
> your issuer is "localhost:8443/cas/idp". Do you have your cas.server.name
> and related properties set? It looks like it's creating the SAML response,
> but then it can't find the service ticket, which could explain why your SP
> is not getting anywhere.
>
> "name and prefix are always required settings"
> https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties.html#cas-server
>
>
> On Thursday, June 6, 2019 at 5:37:17 AM UTC-6, Andrey Seledkov wrote:
>>
>> In docs
>>
>> In order to allow CAS to support and respond to attribute queries, you
>> need to make sure the generated metadata has the
>> AttributeAuthorityDescriptor element enabled
>>
>> I noticed that when i put
>>
>> cas.authn.samlIdp.attributeQueryProfileEnabled=true
>>
>>
>> in idp-metadata.xml tag AttributeAuthorityDescriptor commented and it is
>> ignoring my flag
>>
>> четверг, 6 июня 2019 г., 4:19:39 UTC+3 пользователь Andy Ng написал:
>>>
>>> Hi Andrey,
>>>
>>> I do know for a fact that my CAS 5.3.x is running with SAML as idp and
>>> connecting to other SAML sp just fine (multiple SAML client, including
>>> SimpleSAMLPHP), no need modify the generated idp-metadata.xmp for me.
>>>
>>> So... Maybe if you still can't successfully connect to SAML, it could be
>>> the following:
>>> - Maybe CAS 6 have bug
>>> - Maybe keycloak doesn't actually return the attribute to you (highly
>>> doubt it)
>>> - Maybe your config is wrong (which is unlikely, from what you provide
>>> it seems the config is ok)
>>>
>>> So, maybe try using CAS 5.3.x and see if that work? CAS 5 to 6 have a
>>> big jump, so it is possible that there is some obscure bug that discovered
>>> first by you.
>>>
>>> - Andy
>>>
>>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7d408045-39b1-403e-8723-e3bdf87bfdf6%40apereo.org.
