So I found the problem, but I don't have any issue for now for the SAML
service...
So finally CAS send attributes in ISO-8859-1 whereas the attributes in
LDAP are UTF-8 and the local on the systems are also UTF-8.
One thing that I did was to add this such line in the
casServiceValidationSuccess.jsp to force the UTF-8 encoding :
<%@ page contentType="text/html;charset=UTF-8" %>
an other solution is to set in the web.xml a such thing :
|
|<||jsp-config||>|
|<||jsp-property-group||>|
|<||description||>|Config. de l'encodage des pages
JSP|<||/||description||>|
|<||url-pattern||>|*.jsp|<||/||url-pattern||>|
|<||page-encoding||>|UTF-8|<||/||page-encoding||>|
|<||/||jsp-property-group||>|
...
|<||/||jsp-config||>| |
So is there someone who has an idea on about to solve the problem with
samlService ?
thanks
Julien
Julien Gribonvald a écrit :
This doesn't help a lot, i know only which attributes are loaded from
LDAP but i don't get all values :'( , I get only the password, login
and uid...
Julien G.
Scott Battaglia a écrit :
You may just need to set all of org.jasig.cas to DEBUG. You may need
to set some org.opensaml ones also, but I'm not sure.
-Scott
On Fri, Feb 20, 2009 at 9:27 AM, Julien Gribonvald
<[email protected] <mailto:[email protected]>> wrote:
I get all attributes if i use the serviceValidate, but not with
the samlValidate....
After i use this url for the serviceValidate to validate the
ticket :
https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H
<https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H>
<https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H
<https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H>>
and this one for the samlValidate :
https://demo.esco-portail.org/cas/samlValidate?TARGET=http://localhost/foo/&ticket=ST-8-QYiSzjgf3McYceULaZrN-cas
<https://demo.esco-portail.org/cas/samlValidate?TARGET=http://localhost/foo/&ticket=ST-8-QYiSzjgf3McYceULaZrN-cas>
<https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H
<https://demo.esco-portail.org/cas/serviceValidate?service=http://localhost/foo/&ticket=ST-1-cj44HSdxTA0ANCPxJG4H>>
Did I missed something ?
Else do you know how i could see the SAML builded by the cas
server, in the cas.log file ? If yes wich classes must I configure
in the log4j ?
thanks
Julien G.
Scott Battaglia a écrit :
Yes, my guess is that the fake url you provided isn't
registered as being able to accept attributes in our Services
Management tool.
-Scott
On Fri, Feb 20, 2009 at 8:20 AM, Marvin Addison
<[email protected] <mailto:[email protected]>
<mailto:[email protected]
<mailto:[email protected]>>> wrote:
> I can get only a
> success saml ticket without attributes
That would happen if you have not defined an
attributeRepository bean
in the deployerConfigContext.xml on the server. That is
where you
define the strategy for obtaining attributes from the
principal
identifier. Below is a a modified version of what we use
to pull
attributes from LDAP:
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="contextSource" ref="edIdContextSource" />
<property name="baseDN" value="ou=People,dc=vt,dc=edu" />
<property name="query" value="(uupid={0})" />
<!--
Attribute mapping beetween LDAP (key) and principal (value).
Value may be either String or Set of String for
multivalued mappings.
-->
<property name="ldapAttributesToPortalAttributes">
<map>
<entry key="accountState" value="accountState" />
<entry key="authId" value="authId" />
<entry key="eduPersonAffiliation"
value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</map>
</property>
</bean>
See the CAS User Manual for further information,
http://www.ja-sig.org/wiki/display/CASUM/Attributes.
Hope that helps,
Marvin
--
You are currently subscribed to [email protected]
<mailto:[email protected]>
<mailto:[email protected]
<mailto:[email protected]>> as:
[email protected] <mailto:[email protected]>
<mailto:[email protected]
<mailto:[email protected]>>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
-- You are currently subscribed to
[email protected]
<mailto:[email protected]> as:
[email protected] <mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
-- You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
