On 30/11/10 00:17, Stephen Todd wrote:
Hi,I just went through implementing attribute release on 3.4.3 and there were a few hitches I wanted to document at least through the mailing list. I had set up the attribute repository but attributes were never getting into the saml response. Skipping the steps I took to debug it, it turns out that naming the attribute repository bean to attributeRepository is not enough (as has been alluded to in the comment above the attributeRepository bean in deployerConfigContext.xml and several list emails). The missing step was setting the attributeRepository property on the CredentialsToPrincipalResolver. The directions for attribute release are a little confusing and include unnecessary steps. It seems to me that all that really needs to happen to do attribute release is get service management working and configure the attribute repository. The current set up of the CredentialsToPrincipalResolver seems like a bug to me. To me, it seems that the bean should be declared this way by default: <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" p:attributeRepository="attributeRepository"/> The presence of the default attributeRepository bean (class StubPersonAttributeDao) is a little misleading otherwise. I'm willing to help on the attribute release page (and others), if desired. -Steve
Steve, would you mind sharing your working deployerConfigContext.xml as I'm having trouble to get attributes back in the SAML response (although they are retrieved from LDAP and allowed from service management) Trying to apply your proposal gave me an exception. regards, Giannis -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
