I think my server side configuration is correct now, but I'm still not
getting LDAP attributes to the client. Please help - this is critical for my
customer!
Wireshark shows me that when the user logs in CAS sends 3 requests to the
Active Directory. The third fetches the attributes I've enabled for my
service, per the attributeRepository, and I can see they make it into a blob
in the ticket's database record.
Here's the code I'm using in my servlet:
AttributePrincipal principal = (AttributePrincipal)
request.getUserPrincipal();
Map attributes = principal.getAttributes();
...attributes not null, but always empty...
Here's what's in my web.xml:
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://casServer.myCompany.com:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://myServer.myCompany.com:8080</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://myServer.myCompany.com:8080/TestApp1/sso/ProtectedServlet</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://casServer.myCompany.com:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://myServer.myCompany.com:8080</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://myServer.myCompany.com:8080/TestApp1/sso/ProtectedServlet</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>tolerance</param-name>
<param-value>5000</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/sso/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/sso/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/sso/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/sso/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>ProtectedServlet1</servlet-name>
<servlet-class>sso.test.ProtectedServlet1</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ProtectedServlet1</servlet-name>
<url-pattern>/sso/ProtectedServlet/*</url-pattern>
</servlet-mapping>
Is there anything I can look for in the debug output? I see the
LdapPersonAttributeDao's actions, and I see the ServiceTicket get deleted,
otherwise no mention of attributes.
--
View this message in context:
http://jasig.275507.n4.nabble.com/Newbie-Question-about-Saml11TicketValidator-tp2398757p2430363.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
