Hello, something similar is happening to me.
In cas apereo v6.6.15 and pac4j v5.4.6, I am trying to log in to Google and
Facebook through an endopoint.
In the json I have the following:
{
"@class": "org.apereo.cas.services.CasRegisteredService",
"serviceId": ...,
"name": ...,
"id": ...,
"evaluationOrder": 1,
"description": "CAS SSO V6.6.15",
"theme": "Theme",
"accessStrategy": {
"@class":
"org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled": true,
"ssoEnabled": true
},
"properties": {
"@class": "java.util.HashMap",
"httpHeaderEnableXFrameOptions": {
"@class": "org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values": [
"java.util.HashSet",
[
"true"
]
]
}
},
"attributeReleasePolicy": {
"@class": "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalIdAttribute": "email",
"allowedAttributes": [
"java.util.ArrayList",
[
"email",
"name",
"first_name",
"last_name",
"given_name",
"family_name"
]
]
},
"singleSignOnParticipationPolicy": {
"@class":
"org.apereo.cas.services.ChainingRegisteredServiceSingleSignOnParticipationPolicy",
"createCookieOnRenewedAuthentication": "TRUE",
"policies": [
"java.util.ArrayList",
[
{
"@class":
"org.apereo.cas.services.AuthenticationDateRegisteredServiceSingleSignOnParticipationPolicy",
"timeUnit": "SECONDS",
"timeValue": 2592000,
"order": 0
}
]
]
}
}
and when trying to validate the ticket in /validate endpoint the answer
is: yes, numerical ID and what I need is that it be the email and not an ID.
I am using pac4j for delegated auth and in cas.propertie I have tried the
following configurations:
cas.authn.attribute.release.enabled=true
cas.authn.authentication-attribute-release.enabled=true
cas.authn.pac4j.saml[].principal-id-attribute: email
as.authn.jaas[].principal.use-existing-principal-id: email
but none of them manage to get the ticket quality to respond with the email.
Well, I appreciate any help.
El viernes, 15 de marzo de 2019 a las 0:26:24 UTC-3, Andy Ng escribió:
> Hello,
>
> What version of CAS are you in? If you are in CAS > 5.3.9 (or the latest
> CAS 6.x), since Pac4j is updated to 3.6.1:
>
> You should see that *emails *is no longer there and there is an *email
> *attribute
> instead (which is in plain string)
>
> So you can get that very easily, no need to decode handle Google2Email.
>
>
> See if the above helps you
>
> Cheers!
> - Andy
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5e1854f-f12c-4beb-aeb3-587bcfa426d1n%40apereo.org.
