[cas-user] Attributes/SAML

Kevin Richter Fri, 10 Jun 2011 14:27:13 -0700

Hi,

I am trying to get some attributes (mail adress, full name) from the
LDAP directory using the FastBindLdapAuthenticationHandler method.
In our environment each user is allowed to read his own attributes (like
cn oder mail), so I have thought there is no need for a special bind user.


Is this possible?
At the moment all my tries were not successful.
See below for my config. Any ideas whats wrong there?

Of course I have selected the attributes (mail, cn) for my test platform
in the services management (cas/services/manage.html).
My test platform is a PHP script:
print_r(phpCAS::getAttributes())
But it always prints "Array ( )"... no attributes :-(


Thanks,
Kevin



[snip]

        <bean id="attributeRepository"
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
                <property name="contextSource" ref="contextSource" />
                <property name="baseDN"
value="ou=students,dc=uni-hildesheim,dc=de" />
                <property name="requireAllQueryAttributes" value="true" />
                <property name="queryAttributeMapping">
                        <map>
                                <entry key="username" value="uid" />
                        </map>
                </property>
                <property name="resultAttributeMapping">
                        <map>
                        <!-- Mapping beetween LDAP entry attributes
(key) and Principal's (value) -->
                        <entry key="cn" value="Name"/>
                        <entry key="mail" value="EMail" />
                        </map>
                </property>
        </bean>

[/snip]

[snip]

<bean
class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">

                                <!-- The Principal resolver form the
credentials -->
                                <property
name="credentialsToPrincipalResolver">
                                        <bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
/>
                                </property>

                                <!-- The query made to find the
Principal ID. "%u" will be replaced by the resolved Principal -->
                                <property name="filter" value="(uid=%u)" />

                                <!-- The attribute used to define the
new Principal ID -->
                                <property name="principalAttributeName"
value="uid" />
                                <property name="searchBase"
value="ou=students,dc=uni-hildesheim,dc=de" />
                                <property name="contextSource"
ref="contextSource" />
                                <property name="attributeRepository">
                                        <ref bean="attributeRepository" />
                                </property>
</bean>

[/snip]

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

[cas-user] Attributes/SAML

Reply via email to