You may just need to set all of org.jasig.cas to DEBUG. You may need to set some org.opensaml ones also, but I'm not sure. -Scott
On Fri, Feb 20, 2009 at 9:27 AM, Julien Gribonvald < [email protected]> wrote: > I get all attributes if i use the serviceValidate, but not with the > samlValidate.... > > After i use this url for the serviceValidate to validate the ticket : > > https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H< > https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H > > > > and this one for the samlValidate : > > https://demo.esco-portail.org/cas/samlValidate?TARGET=http://localhost/foo/&ticket=ST-8-QYiSzjgf3McYceULaZrN-cas< > https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H > > > Did I missed something ? > > Else do you know how i could see the SAML builded by the cas server, in the > cas.log file ? If yes wich classes must I configure in the log4j ? > > thanks > > Julien G. > > Scott Battaglia a écrit : > >> Yes, my guess is that the fake url you provided isn't registered as being >> able to accept attributes in our Services Management tool. >> >> -Scott >> >> >> >> On Fri, Feb 20, 2009 at 8:20 AM, Marvin Addison >> <[email protected]<mailto: >> [email protected]>> wrote: >> >> > I can get only a >> > success saml ticket without attributes >> >> That would happen if you have not defined an attributeRepository bean >> in the deployerConfigContext.xml on the server. That is where you >> define the strategy for obtaining attributes from the principal >> identifier. Below is a a modified version of what we use to pull >> attributes from LDAP: >> >> <bean id="attributeRepository" >> >> class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> >> <property name="contextSource" ref="edIdContextSource" /> >> <property name="baseDN" value="ou=People,dc=vt,dc=edu" /> >> <property name="query" value="(uupid={0})" /> >> >> <!-- >> Attribute mapping beetween LDAP (key) and principal (value). >> Value may be either String or Set of String for multivalued mappings. >> --> >> <property name="ldapAttributesToPortalAttributes"> >> <map> >> <entry key="accountState" value="accountState" /> >> <entry key="authId" value="authId" /> >> <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> >> <entry key="groupMembership" value="groupMembership" /> >> </map> >> </property> >> </bean> >> >> See the CAS User Manual for further information, >> http://www.ja-sig.org/wiki/display/CASUM/Attributes. >> >> Hope that helps, >> Marvin >> >> -- >> You are currently subscribed to [email protected] >> <mailto:[email protected]> as: [email protected] >> <mailto:[email protected]> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
