Hi Andy, I did setup my environment as yours and I also receive the surrogate user attributes.
My problem is about these ones: https://apereo.github.io/cas/6.0.x/installation/Surrogate-Authentication.html#surrogate-attributes In both methods I correctly receive surrogate user attributes, but only in preselection mode i receive surrogate principal ones. I tried with you suggested json conf both in cas 6.0 and 6.2 versions. Thanks again Michele On Friday, December 6, 2019 at 3:03:45 PM UTC+1, Andy Ng wrote: > > Hi Michele, > > I have setup a surrogate authentication demo in my testing docker > environment > <https://github.com/NgSekLong/SelectUrCAS/tree/master/source/protocol/surrogate-authentication>, > > I tried both CAS version 6.0.7 and 6.1.2 and the surrogate attribute seems > to be working just fine. > > I don't want to setup the exact config as yours, since it might take some > time. Instead, I used the following setup : > - Static Authentication > - Json Attribute Storage > - Json Surrogate Authentication mapping > - PHPCas Client > > I got the following account setup: > - Username: *surrogate-admin*, Attribute: name = Surrogate Admin > - Username: *surrogate-user*, Attribute: name = Surrogate User > - And *surrogate-admin* and *surrogate-user* is a surrogate relationship. > > *Result in the testing enviornment is that:* > After login with *surrogate-user* using *surrogate-admin* credential, my > client shows the correct attributes (Surrogate User). > > > > Is the above something similar to what you want to archive? Or by > surrogate attribute you have different envision of how the attribute should > be retrieved? > > I will paste some of my config below so you can have a look if you like to: > > ------------------------------------------------------------------------------------------------------------------------------------------------------- > *cas.yml* > cas.authn.accept.users: > surrogate-admin::Mellon,surrogate-user::Mellon,surrogate-user2::Mellon > > cas.authn.surrogate.json.location: > file://${RESOURCE_PATH}/${PROTOCOL_SURROGATE_AUTHENTICATION_PATH}/surrogate.json > cas.authn.attributeRepository.json: > - location: > file://${RESOURCE_PATH}/${PROTOCOL_SURROGATE_AUTHENTICATION_PATH}/surrogate-attributes.json > > > *surrogate-attributes.json* > { > "surrogate-user": { > "name":["Surrogate User"] > }, > "surrogate-user2": { > "name":["Surrogate User2"] > }, > "surrogate-admin": { > "name":["Surrogate Admin"] > } > } > > *surrogate.json* > { > "surrogate-admin": ["surrogate-user", "surrogate-user2"] > } > > > And I login using the following 2 methods: > - GUI mode: `+surrogate-admin` as , `Mellon` as password. Then select > my surrogate target. > - preselection mode: `surrogate-admin+surrogate-user` as username, > `Mellon` as password. > > > See if the above helps... > > > Cheers! > - Andy > > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/203cf25e-5fab-403b-8726-cebea84685db%40apereo.org.
