Hi Laura,
as Scott correctly points out. Use the SAML 1.1 protocol. The first
thing you will need is to properly set up the attributeRepository on the
CAS server side. If this is properly set up and all the attributes are
properly resolved (check cas log file for the Principal object. This
should contain all the attributes). Then check that the service is
properly set up to release attributes in the service manager console.
phpcas will then automatically resolve the attributes from the cas
server answer.
As for the CAS 2.0 protocol: This is only possible through manual and
unofficial extensions of the protocol and the only "legitimate" use cas
would be a proxy setup that needs attributes. Then you need to modify
your casServiceValdiationSuccess.jsp with some small code. Behind the
</cas:user> you need to add something like:
<cas:attributes>
<c:forEach var="attr"
items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}"><cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}></c:forEach>
</cas:attributes>
Since this is unsupported there have been multiple ways how this can be
done but this is technically supported by both the jasig java and phpcas
client and works for me so far.
Regards,
Joachim
On 28.05.2012 23:08, Scott Battaglia wrote:
By default, the only response from the CAS server that will include
attributes is the SAML 1.1 response.
Attribute support via CAS2 protocol requires local customization to the
server itself.
Cheers,
Scott
On Fri, May 25, 2012 at 2:58 PM, Laura McCord <[email protected]
<mailto:[email protected]>> wrote:
__
Hi,
I am trying to use the getAttributes() phpCAS method to gain
attributes but I've been receiving nothing. I'm assuming this is
stemming from my CAS installation but I'm not entirely sure what to
do. From what I read I should place a reference to my
attributeRepository onto the
org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver
bean (https://wiki.jasig.org/display/CASUM/Attributes)
I've also seen references to using the
Saml11AuthenticationFilter/Saml11TicketValidationFilter but I'm not
sure how this affects my use of
Cas20ProxyReceivingTicketValidationFilter for my portal
installation. And, maybe this is only for java clients, I'm using a
phpCAS client so I don't know if this pertains to my situation.
I'm using CAS 3.4.11
Many Thanks,
Laura
--
Laura McCord
Web Programmer/Analyst
Southwestern University
[email protected] <mailto:[email protected]>
--
You are currently subscribed [email protected]
<mailto:[email protected]> as:[email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives,
seehttp://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
