Hi Michele,
I have setup a surrogate authentication demo in my testing docker
environment
<https://github.com/NgSekLong/SelectUrCAS/tree/master/source/protocol/surrogate-authentication>,
I tried both CAS version 6.0.7 and 6.1.2 and the surrogate attribute seems
to be working just fine.
I don't want to setup the exact config as yours, since it might take some
time. Instead, I used the following setup :
- Static Authentication
- Json Attribute Storage
- Json Surrogate Authentication mapping
- PHPCas Client
I got the following account setup:
- Username: *surrogate-admin*, Attribute: name = Surrogate Admin
- Username: *surrogate-user*, Attribute: name = Surrogate User
- And *surrogate-admin* and *surrogate-user* is a surrogate relationship.
*Result in the testing enviornment is that:*
After login with *surrogate-user* using *surrogate-admin* credential, my
client shows the correct attributes (Surrogate User).
Is the above something similar to what you want to archive? Or by surrogate
attribute you have different envision of how the attribute should be
retrieved?
I will paste some of my config below so you can have a look if you like to:
-------------------------------------------------------------------------------------------------------------------------------------------------------
*cas.yml*
cas.authn.accept.users:
surrogate-admin::Mellon,surrogate-user::Mellon,surrogate-user2::Mellon
cas.authn.surrogate.json.location:
file://${RESOURCE_PATH}/${PROTOCOL_SURROGATE_AUTHENTICATION_PATH}/surrogate.json
cas.authn.attributeRepository.json:
- location:
file://${RESOURCE_PATH}/${PROTOCOL_SURROGATE_AUTHENTICATION_PATH}/surrogate-attributes.json
*surrogate-attributes.json*
{
"surrogate-user": {
"name":["Surrogate User"]
},
"surrogate-user2": {
"name":["Surrogate User2"]
},
"surrogate-admin": {
"name":["Surrogate Admin"]
}
}
*surrogate.json*
{
"surrogate-admin": ["surrogate-user", "surrogate-user2"]
}
And I login using the following 2 methods:
- GUI mode: `+surrogate-admin` as , `Mellon` as password. Then select
my surrogate target.
- preselection mode: `surrogate-admin+surrogate-user` as username,
`Mellon` as password.
See if the above helps...
Cheers!
- Andy
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/79ce5a89-0fbd-43aa-a4f7-d4424df152ee%40apereo.org.
