This is my response string:

<SOAP-ENV:Envelope>
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <Response IssueInstant="2010-06-08T10:43:31.751Z" MajorVersion="1" MinorVersion="1"
              Recipient="https://localhost:11686/SegnalazioniST/"
              ResponseID="_f5596db3c053f3d9e3d4d8315afa704d">
      <Status>
        <StatusCode Value="samlp:Success"/>
      </Status>
      <Assertion AssertionID="_42851114b8976acdca1c120d92e43178"
                 IssueInstant="2010-06-08T10:43:31.751Z" Issuer="localhost"
                 MajorVersion="1" MinorVersion="1">
        <Conditions NotBefore="2010-06-08T10:43:31.751Z" NotOnOrAfter="2010-06-08T10:44:01.751Z">
          <AudienceRestrictionCondition>
            <Audience>https://localhost:11686/SegnalazioniST/</Audience>
          </AudienceRestrictionCondition>
        </Conditions>
        <AuthenticationStatement AuthenticationInstant="2010-06-08T10:43:31.571Z"
                                 AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
          <Subject>
            <NameIdentifier>st1piemonte1</NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact</ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
        </AuthenticationStatement>
      </Assertion>
    </Response>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

How do I configure the server to send this information? Which server, the CAS server or OpenLDAP?

Thanks

_________________________________________
Paolo Giammarco / Capgemini / Rome, Italy
Consultant / Java Factory
e-mail: [email protected]
tel: +39 06231901
_________________________________________

________________________________________
From: Tobias Trelle [[email protected]]
Sent: Tuesday, 8 June 2010 12:36
To: [email protected]
Subject: Re: R: R: R: R: Re:[cas-user] Retrieve logon info

paolo-3 wrote:
>
> I did a debug of class Saml11TicketValidator.
> The problem seems to be the method parseResponseFromServer, within the
> method call to getAttributesFor (assertion, subject) returns an empty
> array.
>

On my application, I retrieve the attributes Name, Email and Username from an LDAP attribute repository. If I debug the client side in method parseResponseFromServer(String response), my response string looks like this:

-------------- snip -----------------------
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header />
  <SOAP-ENV:Body>
    <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
              xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
              xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
              xmlns:xsd="http://www.w3.org/2001/XMLSchema"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              IssueInstant="2010-06-08T10:24:27.331Z" MajorVersion="1" MinorVersion="1"
              Recipient="http://localhost:8080/casclient/secure/"
              ResponseID="_b25d928338f91dc9b34f590655769ffc">
      <Status>
        <StatusCode Value="samlp:Success"></StatusCode>
      </Status>
      <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
                 AssertionID="_e5f5c66e16a862da0e5ba099b90e7ac9"
                 IssueInstant="2010-06-08T10:24:27.331Z" Issuer="localhost"
                 MajorVersion="1" MinorVersion="1">
        <Conditions NotBefore="2010-06-08T10:24:27.331Z" NotOnOrAfter="2010-06-08T10:24:57.331Z">
          <AudienceRestrictionCondition>
            <Audience>http://localhost:8080/casclient/secure/</Audience>
          </AudienceRestrictionCondition>
        </Conditions>
        <AttributeStatement>
          <Subject>
            <NameIdentifier>user1</NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact
              </ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
          <Attribute AttributeName="Name" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>User1 CN</AttributeValue>
          </Attribute>
          <Attribute AttributeName="Email" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>[email protected]</AttributeValue>
          </Attribute>
          <Attribute AttributeName="Username" AttributeNamespace="http://www.ja-sig.org/products/cas/">
            <AttributeValue>user1</AttributeValue>
          </Attribute>
        </AttributeStatement>
        <AuthenticationStatement AuthenticationInstant="2010-06-08T10:24:26.646Z"
                                 AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
          <Subject>
            <NameIdentifier>user1</NameIdentifier>
            <SubjectConfirmation>
              <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:artifact
              </ConfirmationMethod>
            </SubjectConfirmation>
          </Subject>
        </AuthenticationStatement>
      </Assertion>
    </Response>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
-------------- snap -----------------------

Is there an <AttributeStatement> node on your client holding several <Attribute> sub nodes? If not, the server DOES NOT send them.

My array of SAMLAttributes looks like:

--------------- snip------------------------
[
<Attribute xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           AttributeName="Name" AttributeNamespace="http://www.ja-sig.org/products/cas/">
  <AttributeValue>User1 CN</AttributeValue>
</Attribute>
,
<Attribute xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           AttributeName="Email" AttributeNamespace="http://www.ja-sig.org/products/cas/">
  <AttributeValue>[email protected]</AttributeValue>
</Attribute>
,
<Attribute xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           AttributeName="Username" AttributeNamespace="http://www.ja-sig.org/products/cas/">
  <AttributeValue>user1</AttributeValue>
</Attribute>
]
--------------- snap------------------------

Best wishes
--
Tobias

--
View this message in context: http://jasig.275507.n4.nabble.com/Retrieve-logon-info-tp2245891p2247170.html
Sent from the CAS Users mailing list archive at Nabble.com.

--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
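
The check Tobias describes, as an added example that is not part of the original messages and is not the CAS client's own code: it parses a validation response namespace-aware, with DOCTYPE declarations refused, and returns the attributes found under <AttributeStatement>; an empty result means the server sent none. The class name SamlAttributeCheck, the helper names and the trimmed sample responses are constructed for illustration, and the code performs no validation of the assertion's Conditions or issuer.

```java
import java.io.StringReader;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
import org.xml.sax.InputSource;

public class SamlAttributeCheck {
    static final String SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion";

    /** Returns AttributeName -> values; empty when the response has no AttributeStatement. */
    static Map<String, List<String>> attributesOf(String response) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so the response cannot pull in external entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder().parse(new InputSource(new StringReader(response)));
        Map<String, List<String>> out = new LinkedHashMap<>();
        NodeList statements = doc.getElementsByTagNameNS(SAML_NS, "AttributeStatement");
        for (int i = 0; i < statements.getLength(); i++) {
            NodeList attrs = ((Element) statements.item(i)).getElementsByTagNameNS(SAML_NS, "Attribute");
            for (int j = 0; j < attrs.getLength(); j++) {
                Element a = (Element) attrs.item(j);
                List<String> values = out.computeIfAbsent(a.getAttribute("AttributeName"), n -> new ArrayList<>());
                NodeList vs = a.getElementsByTagNameNS(SAML_NS, "AttributeValue");
                for (int k = 0; k < vs.getLength(); k++) {
                    values.add(vs.item(k).getTextContent().trim());
                }
            }
        }
        return out;
    }

    // Constructed sample: an Assertion trimmed down from the two responses in the thread.
    static String sample(String statements) {
        return "<Response xmlns=\"urn:oasis:names:tc:SAML:1.0:protocol\">"
             + "<Assertion xmlns=\"" + SAML_NS + "\" Issuer=\"localhost\">" + statements
             + "<AuthenticationStatement/></Assertion></Response>";
    }

    public static void main(String[] args) throws Exception {
        String withAttrs = sample("<AttributeStatement>"
            + "<Attribute AttributeName=\"Name\" AttributeNamespace=\"http://www.ja-sig.org/products/cas/\">"
            + "<AttributeValue>User1 CN</AttributeValue></Attribute>"
            + "<Attribute AttributeName=\"Username\" AttributeNamespace=\"http://www.ja-sig.org/products/cas/\">"
            + "<AttributeValue>user1</AttributeValue></Attribute></AttributeStatement>");
        System.out.println(attributesOf(withAttrs));
        System.out.println(attributesOf(sample("")).isEmpty() ? "no AttributeStatement sent" : "attributes present");
    }
}
```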
