I don't know if it will help, but I have a blog post that provides details about what I did: http://dennisroberts.wordpress.com/2012/02/26/obtaining-cas-attributes-using-the-cas-2-0-protocol/.
Let me know if that doesn't help. Thanks, Dennis On Apr 18, 2012, at 5:25 PM, David Challoner wrote: > Thanks for the quick reply. > > I'm replaced my service configuration with yours and I'm still running into > the same problem. (I have tried both this and logging into the service > interface and manually selecting the attributes) > > If it helps I'm getting the "ImmutableAuthentication" object using the > "SimplePrinciple" implementation with the correct ID but just an empty map of > attributes. Maybe it should be getting the attributePrinciple somehow? > > My java debug fu is weak. > > > David > > On Wed, Apr 18, 2012 at 5:01 PM, Dennis Roberts > <[email protected]> wrote: > My first guess would be that attributes haven't been approved for the > service. For a production deployment, the best bet is to the server's > administrative webapp and release attributes to the services that should get > them. If you're using a test CAS server then you can modify the > serviceRegistryDao bean in deployerConfigContext.xml so that it looks like > this: > > <bean id="serviceRegistryDao" > class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> > <property name="registeredServices"> > <list> > <bean class="org.jasig.cas.services.RegisteredServiceImpl"> > <property name="id" value="0" /> > <property name="name" value="HTTP" /> > <property name="description" value="Only Allows HTTP Urls" /> > <property name="serviceId" value="http://**"; /> > <property name="evaluationOrder" value="10000001" /> > + <property name="ignoreAttributes" value="true" /> > </bean> > > <bean class="org.jasig.cas.services.RegisteredServiceImpl"> > <property name="id" value="1" /> > <property name="name" value="HTTPS" /> > <property name="description" value="Only Allows HTTPS Urls" > /> > <property name="serviceId" value="https://**"; /> > <property name="evaluationOrder" value="10000002" /> > + <property name="ignoreAttributes" value="true" /> > </bean> > > <bean class="org.jasig.cas.services.RegisteredServiceImpl"> > <property name="id" value="2" /> > <property name="name" value="IMAPS" /> > <property name="description" value="Only Allows HTTPS Urls" > /> > <property name="serviceId" value="imaps://**" /> > <property name="evaluationOrder" value="10000003" /> > </bean> > > <bean class="org.jasig.cas.services.RegisteredServiceImpl"> > <property name="id" value="3" /> > <property name="name" value="IMAP" /> > <property name="description" value="Only Allows IMAP Urls" /> > <property name="serviceId" value="imap://**" /> > <property name="evaluationOrder" value="10000004" /> > </bean> > </list> > </property> > </bean> > Thanks, > Dennis > > On Apr 18, 2012, at 3:44 PM, David Challoner wrote: > >> I'm trying to get CAS setup to authenticate from a database and serve up >> some user attributes. >> >> Steps taken so far: >> >> *downloaded cas-server-3.4.11 >> *modified deployerConfig.xml >> *added JDBC query auth handler >> *added a list of "allowedAttributes"(using the Stub attribtues) to the >> RegisteredServiceImpl bean >> *modified cas.properties to include URL/hostname of test VM. >> *modified the CAS20 success JSP to display attributes as noted here(also the >> LDAP example): >> http://bowerstudios.com/node/645 >> >> *Generated self signed cert and keystore >> *launched with Jetty. >> >> Most of this seems to work. I can authenticate with my database >> credentials. I can edit the services and verify the stub attributes are set >> to be released. But the success service validation JSP just isn't getting >> any attributes passed to it. >> This is the success data added to the model from the debugger: >> >> [null, null, null, null, null, null, null, null, null, null, null, null, >> assertion=[principals={[[[email protected], >> attributes={authenticationMethod=org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler}]]} >> for service=http://test], null, null, null] >> >> >> Any ideas? It's so close to working but this last bit is killing me. >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
