[cas-user] Re: CAS 7.1 SAML attributes releases policy

Wed, 11 Dec 2024 06:45:38 -0800 

This is a feature of CAS 7, for common eduperson attrbutes by default CAS 
will now send the proper UIDs. 
Review src/main/resources/samlidp-attribute-definitions.json to see the 
attributes automatically named. You can replace the file with a blank one 
if you want to disable this feature.
On Wednesday, December 11, 2024 at 8:24:40 AM UTC-5 wouldsmina wrote:

> Hi,
>
> I am preparing to migrate my CAS server from version 6 to 7.1, but I am 
> encountering an issue with attribute release in SAML.
>
> In version 6, this works fine, but in version 7, no attributes are being 
> transmitted. 
> Here is the content of my service file:
> {
>   "@class": "org.apereo.cas.support.saml.services.SamlRegisteredService",
>   "serviceId": "^https://git\\.univ-xxxx\\.fr";,
>   "name": "git",
>   "id": 1637335622,
>   "description": "git",
>   usernameAttributeProvider:
>   {
>     @class: 
> org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider
>     usernameAttribute: uid
>   }
>   attributeReleasePolicy:
>   {
>     @class: org.apereo.cas.services.ReturnAllAttributeReleasePolicy
>   }
>   "requiredNameIdFormat": 
> "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified",
>   "metadataLocation": "https://git.univ-xxxx.fr/users/auth/saml/metadata";,
>   "signAssertions": false,
>   "signResponses": true
> }
>
>
> Here is what the logs show:
> WHAT: {result=Service Access Granted, 
> principal=SimplePrincipal(id=xxxxxxx, *attributes={}*), service=
> https://git.univ-xxxx.fr, requiredAttributes={}}
>
> I have tried different methods based on this page 
> <https://apereo.github.io/cas/development/integration/Attribute-Release-Policies.html>
>  
> of the documentation, but it hasn't improved the situation.
>
> Does the service file for SAML need to change between version 6 and 7? Or 
> is there perhaps a parameter that needs to be added to the CAS 
> configuration? I’ve searched through the documentation but can’t find 
> anything specific. Could someone please help me?
>
> Best regards,
>

-- 
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/6985bcf5-62a6-4071-a99f-9b1c17288c58n%40apereo.org.

Reply via email to