When I setup my attributes I was getting the same exact thing in my logs as you were. There wasn't anything in the logs that showed me the values of the other mapped attributes, maybe this differs on how other people have their logs set up, but in my case I was blind to it.
It wasn't until I went to the services manager and chose the SSO application that I wanted to expose the attributes to, highlighted the attributes from the GUI that I started seeing the attributes from the client side (the actual "cas-ified" application). Since my "cas-ified" application is a php app, I used Joachim's script to view my attributes: https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_advanced_saml11.php Hope this helps, Laura On 6/1/12 1:15 PM, Baron Fujimoto wrote: > Anyone? Is there more information I could provide that might help? > Does another app need to explicitly request the attributes before > they are resolved and mapped? > > -baron > > On Wed, May 30, 2012 at 05:32:55PM -1000, Baron Fujimoto wrote: > : I've seen this topic come up a few times recently, but I'm afraid I'm > : still not sure what, if anything, I'm doing wrong. > : > : I've set up CAS server 3.4.11 can can successfully authenticate against > : our LDAP. I'm now trying to set up/test attribute release using this > : wiki page as a reference: > : > :<https://wiki.jasig.org/display/CASUM/Attributes> > : > : I have the following defined in deployerConfigContext.xml: > : > :<bean id="attributeRepository" > : > class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> > :<property name="contextSource" ref="contextSource" /> > :<property name="baseDN" value="ou=people,dc=hawaii,dc=edu" /> > :<property name="requireAllQueryAttributes" value="true" /> > : > :<!-- > : Attribute mapping beetween principal (key) and LDAP (value) names > : used to perform the LDAP search. By default, multiple search criteria > : are ANDed together. Set the queryType property to change to OR. > : --> > :<property name="queryAttributeMapping"> > :<map> > :<entry key="username" value="uid" /> > :</map> > :</property> > : > :<property name="resultAttributeMapping"> > :<map> > :<!-- Mapping between LDAP entry attributes (key) and Principal's (value) --> > :<entry key="cn" value="fullName"/> > :<entry key="uhUuid" value="uhNumber"/> > :<entry key="eduPersonAffiliation" value="uhAffiliation"/> > :<entry key="eduPersonOrgDN" value="uhOrg"/> > :<entry key="uhOrgAffiliation" value="uhOrgAffiliation"/> > :</map> > :</property> > :</bean> > : > : If I login with the .../cas/login servlet, I see the following in the log: > : > : 2012-05-30 17:22:31,472 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > AuthenticationHandler: > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully > authenticated the user which provided the following credentials: [username: > baron] > : 2012-05-30 17:22:31,577 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - Created > seed map='{username=[baron]}' for uid='baron' > : 2012-05-30 17:22:31,577 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - Created > seed map='{username=[baron]}' for uid='baron' > : 2012-05-30 17:22:31,578 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - Adding > attribute 'uid' with value '[baron]' to query builder 'null' > : 2012-05-30 17:22:31,578 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - Adding > attribute 'uid' with value '[baron]' to query builder 'null' > : 2012-05-30 17:22:31,580 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - > Generated query builder '(uid=baron)' from query Map {username=[baron]}. > : 2012-05-30 17:22:31,580 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - > Generated query builder '(uid=baron)' from query Map {username=[baron]}. > : 2012-05-30 17:22:31,688 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - Resolved principal > baron > : 2012-05-30 17:22:31,688 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - Principal found: > baron > : > : I don't see any any indications that it's retrieving or mapping the > : attributes configured above. Should I? I don't see any errors either > : though, so I'm probably missing something more basic. > : > : (I'm also not sure why I'm seeing repeated log entries for > : org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao. > : > :<logger name="org.jasig.services.persondir"> > :<level value="DEBUG" /> > :<appender-ref ref="cas" /> > :</logger> > : > : is the only DEBUG I've set in log4j.xml. It would be nice to clean that > : up too.) > : > : Aloha, > : -baron > : -- > : Baron Fujimoto<[email protected]> :: UH Information Technology Services > : minutas cantorum, minutas balorum, minutas carboratum desendus pantorum > > -- Laura McCord Web Programmer/Analyst Southwestern University [email protected] <mailto:[email protected]> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
