> 2010-09-10 11:49:31,536 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincip > alResolver] - Attempting to resolve a principal... > 2010-09-10 11:49:31,537 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincip > alResolver] - Creating SimplePrincipal for [user1]
I believe you should see some DEBUG log entries for attribute lookup in between the two statements above. You should turn up org.jasig.services.persondir to DEBUG and repeat to see if SingleRowJdbcPersonAttributeDao is properly querying for attributes. If you don't see the query execute, then it's likely a problem with service management where the requesting service has not been configured to release attributes. > On the client added the file log4j.xml and get the following log: > ... > 2010-09-10 11:49:31,880 DEBUG > [org.jasig.cas.client.validation.Saml11TicketValidator] - Server response: > <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> > <SOAP-ENV:Header/><SOAP-ENV:Body> > <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" > xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" > xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > IssueInstant="2010-09-10T09:49:31.703Z" MajorVersion="1" MinorVersion="1" > Recipient="https://localhost:8443/mywebapp/protected/"; > ResponseID="_8dc4de6907690ec10e1964d329666273"> > <Status><StatusCode Value="samlp:Success"></StatusCode></Status> > <Assertion > xmlns="urn:oasis:names:tc:SAML:1.0:assertion" > AssertionID="_b693b3066f8b0fe0c69b371b58235d83" > IssueInstant="2010-09-10T09:49:31.703Z" Issuer="localhost" MajorVersion="1" > MinorVersion="1"> > <Conditions NotBefore="2010-09-10T09:49:31.703Z" > NotOnOrAfter="2010-09-10T09:50:01.703Z"> > <AudienceRestrictionCondition> > <Audience>https://localhost:8443/mywebapp/protected/</Audience> > </AudienceRestrictionCondition></Conditions> > <AuthenticationStatement > AuthenticationInstant="2010-09-10T09:49:31.543Z" > AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"> > <Subject> > <NameIdentifier>user1</NameIdentifier> > <SubjectConfirmation> > <ConfirmationMethod> > urn:oasis:names:tc:SAML:1.0:cm:artifact > </ConfirmationMethod> > </SubjectConfirmation> > </Subject> > </AuthenticationStatement> > </Assertion> > </Response> > </SOAP-ENV:Body></SOAP-ENV:Envelope> Note the absence of an AttributeStatement in the SAML payload above. (See https://wiki.jasig.org/display/CASUM/SAML+1.1 for an example containing AttributeStatement.) This above confirms the server is not releasing attributes. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
