I turned up org.jasig.services.persondir to DEBUG in the log4j.xml, have I turn up in other file?
Where do I configured service management to release attributes? I think that I configured it. I do not know what to do more. Thanks -----Mensaje original----- De: Marvin Addison [mailto:[email protected]] Enviado el: viernes, 10 de septiembre de 2010 16:05 Para: [email protected] Asunto: Re: [cas-user] Help with Saml11TicketValidationFilter > 2010-09-10 11:49:31,536 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincip > alResolver] - Attempting to resolve a principal... > 2010-09-10 11:49:31,537 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincip > alResolver] - Creating SimplePrincipal for [user1] I believe you should see some DEBUG log entries for attribute lookup in between the two statements above. You should turn up org.jasig.services.persondir to DEBUG and repeat to see if SingleRowJdbcPersonAttributeDao is properly querying for attributes. If you don't see the query execute, then it's likely a problem with service management where the requesting service has not been configured to release attributes. > On the client added the file log4j.xml and get the following log: > ... > 2010-09-10 11:49:31,880 DEBUG > [org.jasig.cas.client.validation.Saml11TicketValidator] - Server response: > <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope > xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";> > <SOAP-ENV:Header/><SOAP-ENV:Body> > <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol" > xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" > xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > IssueInstant="2010-09-10T09:49:31.703Z" MajorVersion="1" MinorVersion="1" > Recipient="https://localhost:8443/mywebapp/protected/"; > ResponseID="_8dc4de6907690ec10e1964d329666273"> > <Status><StatusCode Value="samlp:Success"></StatusCode></Status> > <Assertion > xmlns="urn:oasis:names:tc:SAML:1.0:assertion" > AssertionID="_b693b3066f8b0fe0c69b371b58235d83" > IssueInstant="2010-09-10T09:49:31.703Z" Issuer="localhost" MajorVersion="1" > MinorVersion="1"> > <Conditions NotBefore="2010-09-10T09:49:31.703Z" > NotOnOrAfter="2010-09-10T09:50:01.703Z"> > <AudienceRestrictionCondition> > <Audience>https://localhost:8443/mywebapp/protected/</Audience> > </AudienceRestrictionCondition></Conditions> > <AuthenticationStatement > AuthenticationInstant="2010-09-10T09:49:31.543Z" > AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"> > <Subject> > <NameIdentifier>user1</NameIdentifier> > <SubjectConfirmation> > <ConfirmationMethod> > urn:oasis:names:tc:SAML:1.0:cm:artifact > </ConfirmationMethod> > </SubjectConfirmation> > </Subject> > </AuthenticationStatement> > </Assertion> > </Response> > </SOAP-ENV:Body></SOAP-ENV:Envelope> Note the absence of an AttributeStatement in the SAML payload above. (See https://wiki.jasig.org/display/CASUM/SAML+1.1 for an example containing AttributeStatement.) This above confirms the server is not releasing attributes. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
