Baron,
You may be able to get some data from these loggers:
<!-- DEBUG Found principal attributes [...] for [username]
Attribute policy [???] allows release of [...] for [username]
Final collection of attributes allowed are: [...] -->
<AsyncLogger
name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy"
level="debug"/>
<!-- DEBUG Response code from server matched [###] may be useful for
debugging proxy
Created HTTP post message payload [POST URL] on logout -->
<AsyncLogger name="org.apereo.cas.util.http.SimpleHttpClient"
level="debug" />
<!-- DEBUG outbound and inbound headers and response-->
<AsyncLogger name="org.apache.http" level="debug" />
Ray
On Wed, 2021-07-14 at 08:02 -1000, Baron Fujimoto wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Can CAS logging be configured to log validation responses as they would be sent
to the client? E.g., something like this for /p3/serviceValidate:
<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas";>
<cas:authenticationSuccess>
<cas:user>username</cas:user>
<cas:attributes>
<cas:firstname>John</cas:firstname>
<cas:lastname>Doe</cas:lastname>
<cas:title>Mr.</cas:title>
<cas:email>[email protected]<mailto:[email protected]></cas:email>
<cas:affiliation>staff</cas:affiliation>
<cas:affiliation>faculty</cas:affiliation>
</cas:attributes>
<cas:proxyGrantingTicket>PGTIOU-84678-8a9d...</cas:proxyGrantingTicket>
</cas:authenticationSuccess>
</cas:serviceResponse>
This doesn't seem to do it for our CAS 5.0:
<AsyncLogger name="org.apereo" level="debug" additivity="false"
includeLocation="true">
I'm trying to troubleshoot one of our clients wrestling with their OnBase
configuration. They are unable to get their required username attribute, and I
can see from our logs they're using /p3/serviceValidate. Some of the logical
looking attribute mappings in their config haven't been successful. I'm hoping
if we can provide an example of an actual response to their /p3/serviceValidate
this will provide clarification, or at least solid data they can use for a
support ticket with the vendor.
--
Baron Fujimoto <[email protected]<mailto:[email protected]>> :: UH Information
Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/205a5b6c5dd06984c83a21807c977ba6f2d84a07.camel%40uvic.ca.
