Hello -
I'm evaluating CAS for my company, and so far I've managed to get
authentication working against our Active Directory. Now I'm trying to get
LDAP attributes to the client, and I'm stuck on the server configuration
(I'm using 3.4.2.1).
The configuration I've put together is based on several different sources
and forum emails, but I don't know if I'm heading in the right direction or
not. Any help will be greatly appreciated!
In deployerConfigContext.xml -
I've added a CredentialsToLDAPAttributePrincipalResolver, and it references
an attribute repository:

    <property name="attributeRepository">
        <ref bean="attribRepository" />
    </property>

Which is shown below. The entries in the resultAttributeMapping should
appear in the assertion attributes, keyed by the "value" name, yes?

    <bean id="attribRepository"
          class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
        <property name="baseDN" value="cn=Users,dc=myCompany,dc=com" />
        <property name="contextSource" ref="contextSource" />
        <property name="queryTemplate" value="{0}" />
        <property name="queryAttributeMapping">
            <map>
                <entry key="username" value="sAMAccountName" />
            </map>
        </property>
        <property name="resultAttributeMapping">
            <map>
                <entry key="groupMembership" value="GroupMembership" />
                <entry key="distinguishedName" value="DistinguishedName" />
                <entry key="givenName" value="FirstName" />
                <entry key="sn" value="LastName" />
                <entry key="mail" value="EmailAddress" />
            </map>
        </property>
    </bean>

I'm using the default InMemoryServiceRegistryDaoImpl. The
attributeRepository bean is referenced from cas-servlet.xml (for service
registry management, I guess) so I've configured it to match:

    <bean id="attributeRepository"
          class="org.jasig.services.persondir.support.StubPersonAttributeDao">
        <property name="backingMap">
            <map>
                <entry key="groupMembership" value="GroupMembership" />
                <entry key="distinguishedName" value="DistinguishedName" />
                <entry key="givenName" value="FirstName" />
                <entry key="sn" value="LastName" />
                <entry key="mail" value="EmailAddress" />
            </map>
        </property>
    </bean>

I'll be using the Saml11TicketValidationFilter on the client, so this is my
attempt to wire up the validator. But I'm guessing - it doesn't really line
up with everything I've read (i.e.,
https://lists.wisc.edu/read/messages?id=8057150).

    <bean id="casAuthenticationProvider"
          class="web.security.PMSAuthenticationProvider">
        <property name="authenticationUserDetailsService" ref="userService" />
        <property name="serviceProperties" ref="serviceProperties" />
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
                <constructor-arg index="0"
                    value="${cas.securityContext.ticketValidator.casServerUrlPrefix}" />
            </bean>
        </property>
        <property name="key" value="an_id_for_this_auth_provider_only" />
    </bean>

The problem with this is I get ClassNotFoundException on
PMSAuthenticationProvider, and I can't find that class anywhere.
I'm stuck. Can someone please put me on the right track?
Thanks in advance!
Merlin
--
View this message in context:
http://jasig.275507.n4.nabble.com/Newbie-Question-about-Saml11TicketValidator-tp2398757p2398757.html
Sent from the CAS Users mailing list archive at Nabble.com.
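
Added example (not part of the message above and not CAS or Person Directory code): a Python model of how a resultAttributeMapping like the one in the attribRepository bean decides which directory attributes are released and under which names. It assumes Person Directory's semantics that each entry's key is the directory attribute, its value is the released name, and unmapped attributes are dropped; the directory entry and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed copy of the resultAttributeMapping from the post's attribRepository bean.
BEAN_XML = """
<bean id="attribRepository"
      class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
  <property name="resultAttributeMapping">
    <map>
      <entry key="groupMembership" value="GroupMembership" />
      <entry key="distinguishedName" value="DistinguishedName" />
      <entry key="givenName" value="FirstName" />
      <entry key="sn" value="LastName" />
      <entry key="mail" value="EmailAddress" />
    </map>
  </property>
</bean>
"""

# Constructed directory entry (values are lists: LDAP attributes are multi-valued).
# It deliberately lacks groupMembership to show the "mapped but absent" case.
SAMPLE_ENTRY = {
    "sAMAccountName": ["jdoe"],
    "distinguishedName": ["CN=Jane Doe,CN=Users,DC=myCompany,DC=com"],
    "givenName": ["Jane"],
    "sn": ["Doe"],
    "mail": ["jdoe@mycompany.example"],
    "telephoneNumber": ["555-0100"],
}

def result_mapping(bean_xml):
    """Return {directory attribute: released name} parsed from the bean XML."""
    prop = ET.fromstring(bean_xml).find("property[@name='resultAttributeMapping']")
    if prop is None:
        return None  # assumption: no mapping means every attribute passes through
    return {e.get("key"): e.get("value") or e.get("key") for e in prop.iter("entry")}

def release(entry, mapping):
    """Return (released attributes, withheld names, mapped-but-absent names)."""
    if mapping is None:
        return dict(entry), [], []
    released = {new: entry[old] for old, new in mapping.items() if old in entry}
    withheld = sorted(a for a in entry if a not in mapping)
    missing = sorted(a for a in mapping if a not in entry)
    return released, withheld, missing

if __name__ == "__main__":
    print(release(SAMPLE_ENTRY, result_mapping(BEAN_XML)))
```

A non-empty third list points at a mapped attribute the directory never returned, which is worth checking before debugging the client side.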