I've also just set up ldap attrib passing, so maybe I can help.

Your error is client side, so which client are you attempting to use?

Also, I'm not quite sure what you are doing at this point:

> I'm using the default InMemoryServiceRegistryDaoImpl. The
> attributeRepository bean is referenced from cas-servlet.xml (for service
> registry management, I guess) so I've configured it to match:
>
> <bean id="attributeRepository"
>       class="org.jasig.services.persondir.support.StubPersonAttributeDao">
>     <property name="backingMap">
>         <map>
>             <entry key="groupMembership" value="GroupMembership" />
>             <entry key="distinguishedName" value="DistinguishedName" />
>             <entry key="givenName" value="FirstName" />
>             <entry key="sn" value="LastName" />
>             <entry key="mail" value="EmailAddress" />
>         </map>
>     </property>
> </bean>

Also, I posted a walkthrough of how I set up attrib passing, maybe it would be useful to you:
http://bowerstudios.com/node/645

Particularly, this bean:

<bean id="casAuthenticationProvider"
      class="org.springframework.security.cas.authentication.CasAuthenticationProvider"
      p:key="my_password_for_this_auth_provider_only"
      p:serviceProperties-ref="serviceProperties"
      p:authenticationUserDetailsService-ref="userDetailsService">
    <property name="ticketValidator">
        <bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
            <constructor-arg index="0"
                             value="${cas.securityContext.ticketValidator.casServerUrlPrefix}" />
        </bean>
    </property>
</bean>

Good Luck,
Daniel

On Sat, Aug 28, 2010 at 6:35 PM, merlin vincent <[email protected]> wrote:
>
> Hello -
>
> I'm evaluating CAS for my company, and so far I've managed to get
> authentication working against our Active Directory. Now I'm trying to get
> LDAP attributes to the client, and I'm stuck on the server configuration
> (I'm using 3.4.2.1).
>
> The configuration I've put together is based on several different sources
> and forum emails, but I don't know if I'm heading in the right direction or
> not. Any help will be greatly appreciated!
>
> In deployerConfigContext.xml -
>
> I've added a CredentialsToLDAPAttributePrincipalResolver, and it references
> an attribute repository:
>
> <property name="attributeRepository">
>     <ref bean="attribRepository" />
> </property>
>
> Which is shown below. The entries in the resultAttributeMapping should
> appear in the assertion attributes, keyed by the "value" name, yes?
>
> <bean id="attribRepository"
>       class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
>     <property name="baseDN" value="cn=Users,dc=myCompany,dc=com" />
>     <property name="contextSource" ref="contextSource" />
>     <property name="queryTemplate" value="{0}" />
>     <property name="queryAttributeMapping">
>         <map>
>             <entry key="username" value="sAMAccountName"/>
>         </map>
>     </property>
>     <property name="resultAttributeMapping">
>         <map>
>             <entry key="groupMembership" value="GroupMembership" />
>             <entry key="distinguishedName" value="DistinguishedName" />
>             <entry key="givenName" value="FirstName" />
>             <entry key="sn" value="LastName" />
>             <entry key="mail" value="EmailAddress" />
>         </map>
>     </property>
> </bean>
>
> I'm using the default InMemoryServiceRegistryDaoImpl. The
> attributeRepository bean is referenced from cas-servlet.xml (for service
> registry management, I guess) so I've configured it to match:
>
> <bean id="attributeRepository"
>       class="org.jasig.services.persondir.support.StubPersonAttributeDao">
>     <property name="backingMap">
>         <map>
>             <entry key="groupMembership" value="GroupMembership" />
>             <entry key="distinguishedName" value="DistinguishedName" />
>             <entry key="givenName" value="FirstName" />
>             <entry key="sn" value="LastName" />
>             <entry key="mail" value="EmailAddress" />
>         </map>
>     </property>
> </bean>
>
> I'll be using the Saml11TicketValidationFilter on the client, so this is my
> attempt to wire up the validator. But I'm guessing - it doesn't really line
> up with everything I've read (i.e.,
> https://lists.wisc.edu/read/messages?id=8057150).
>
> <bean id="casAuthenticationProvider"
>       class="web.security.PMSAuthenticationProvider">
>     <property name="authenticationUserDetailsService" ref="userService" />
>     <property name="serviceProperties" ref="serviceProperties" />
>     <property name="ticketValidator">
>         <bean class="org.jasig.cas.client.validation.Saml11TicketValidator">
>             <constructor-arg index="0"
>                              value="${cas.securityContext.ticketValidator.casServerUrlPrefix}" />
>         </bean>
>     </property>
>     <property name="key" value="an_id_for_this_auth_provider_only" />
> </bean>
>
> The problem with this is I get ClassNotFoundException on
> PMSAuthenticationProvider, and I can't find that class anywhere.
>
> I'm stuck. Can someone please put me on the right track?
>
> Thanks in advance!
> Merlin
>
> --
> View this message in context:
> http://jasig.275507.n4.nabble.com/Newbie-Question-about-Saml11TicketValidator-tp2398757p2398757.html
> Sent from the CAS Users mailing list archive at Nabble.com.
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>

--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
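
Added example, not part of the thread and not code from CAS or its client library: a small Python check of which mapped attribute names actually arrive in a SAML 1.1 assertion, one way to test the resultAttributeMapping question above from the client side. The assertion, the AttributeNamespace value and the user jdoe are constructed sample data; the expected names are the "value" side of the mapping posted in the thread.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:1.0:assertion"}
# Released names: the "value" side of the resultAttributeMapping in the thread.
EXPECTED = ["GroupMembership", "DistinguishedName", "FirstName",
            "LastName", "EmailAddress"]

# Constructed sample (not captured from a real server). DistinguishedName is
# left out on purpose so the check below has something to report.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
 <saml:AttributeStatement>
  <saml:Subject><saml:NameIdentifier>jdoe</saml:NameIdentifier></saml:Subject>
  <saml:Attribute AttributeName="FirstName" AttributeNamespace="urn:example:attrs">
   <saml:AttributeValue>Jane</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute AttributeName="LastName" AttributeNamespace="urn:example:attrs">
   <saml:AttributeValue>Doe</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute AttributeName="EmailAddress" AttributeNamespace="urn:example:attrs">
   <saml:AttributeValue>jane.doe@example.com</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute AttributeName="GroupMembership" AttributeNamespace="urn:example:attrs">
   <saml:AttributeValue>CN=Staff,CN=Users,DC=example,DC=com</saml:AttributeValue>
   <saml:AttributeValue>CN=VPN,CN=Users,DC=example,DC=com</saml:AttributeValue>
  </saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>
"""

def read_attributes(xml_text):
    """Return (principal, {AttributeName: [values]}) from a SAML 1.1 assertion."""
    root = ET.fromstring(xml_text)
    name_id = root.find(".//saml:Subject/saml:NameIdentifier", NS)
    principal = (name_id.text or "").strip() if name_id is not None else None
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.findall("saml:AttributeValue", NS)]
        # Multi-valued attributes (group membership) keep every value.
        attrs.setdefault(attr.get("AttributeName"), []).extend(values)
    return principal, attrs

def missing_attributes(attrs, expected=EXPECTED):
    """Names the server mapping promises but the assertion does not carry."""
    return [name for name in expected if not attrs.get(name)]
```

Calling read_attributes(SAMPLE_ASSERTION) and passing the resulting dict to missing_attributes lists the mapped names that were configured on the server but never reached the client.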
