Hello Marvin,

Many thanks for your answer. I finally found a solution by modifying the file
"casServiceValidationSuccess.jsp" like this:

<%@ page session="false" %><%@ taglib prefix="c"
uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib
uri="http://java.sun.com/jsp/jstl/functions" prefix="fn"
%><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
        <%-- Emit each principal attribute as an element named after the attribute key --%>
        <c:if test="${fn:length(assertion.chainedAuthentications) > 0}">
            <cas:attributes>
                <c:forEach var="auth" items="${assertion.chainedAuthentications}">
                    <c:forEach var="attr" items="${auth.principal.attributes}">
                        <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
                    </c:forEach>
                </c:forEach>
            </cas:attributes>
        </c:if>
        <c:if test="${not empty pgtIou}">
            <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
        </c:if>
        <%-- List every principal in the chain except the last one as a proxy --%>
        <c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
            <cas:proxies>
                <c:forEach var="proxy" items="${assertion.chainedAuthentications}"
                           varStatus="loopStatus" begin="0"
                           end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
                    <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
                </c:forEach>
            </cas:proxies>
        </c:if>
    </cas:authenticationSuccess>
</cas:serviceResponse>


Now the value of "MemberOf" is in one attribute. My problem now is that the
groups are all in one attribute with the complete A.D chain (CN=xx,OU=xx,..)
and separated with commas.

Is it possible to get only the group's name, and one group per attribute, like
the following:

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>xxxxxx</cas:user>
        <cas:attributes>
            <cas:attribute name="sAMAccountName">testjoomla</cas:attribute>
            <cas:attribute name="mail">[email protected]</cas:attribute>
            <cas:attribute name="memberOf">GROUP1</cas:attribute>
            <cas:attribute name="memberOf">GROUP2</cas:attribute>
            <cas:attribute name="displayname">Joomla Doe</cas:attribute>
        </cas:attributes>
    </cas:authenticationSuccess>
</cas:serviceResponse>


Many thanks for your help,

Cyrus.
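
Added example, not part of the original message and not CAS code: one way to reduce each memberOf DN to its group name is to parse it with the JDK's javax.naming.ldap.LdapName instead of splitting on commas, because a CN may itself contain an escaped comma. The class name, method names and sample DNs are assumptions made for illustration.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Hypothetical helper class; not part of CAS.
public class MemberOfGroups {

    /** Returns the CN value of the leftmost RDN of one DN, or null if that RDN is not a CN. */
    static String groupName(String dn) throws InvalidNameException {
        LdapName name = new LdapName(dn);         // RFC 2253 parser, understands "\," escapes
        if (name.isEmpty()) {
            return null;
        }
        // LdapName indexes RDNs right to left, so the leftmost RDN is at size() - 1.
        Rdn leaf = name.getRdn(name.size() - 1);
        return "CN".equalsIgnoreCase(leaf.getType()) ? String.valueOf(leaf.getValue()) : null;
    }

    /** Maps the values of a multi-valued memberOf attribute to group names, one per value. */
    static List<String> groupNames(Iterable<?> memberOfValues) {
        List<String> groups = new ArrayList<>();
        for (Object value : memberOfValues) {
            try {
                String cn = groupName(String.valueOf(value));
                if (cn != null) {
                    groups.add(cn);
                }
            } catch (InvalidNameException e) {
                // Skip values that do not parse as a DN rather than guessing a group name,
                // since downstream applications may base authorization on these names.
            }
        }
        return groups;
    }

    public static void main(String[] args) {
        // Constructed sample values shaped like A.D memberOf DNs.
        List<String> memberOf = Arrays.asList(
            "CN=GROUP1,OU=Groups,DC=example,DC=org",
            "CN=Staff\\, Paris,OU=Groups,DC=example,DC=org",  // CN containing an escaped comma
            "not a dn");                                       // malformed value, skipped
        System.out.println(groupNames(memberOf));
    }
}
```

Group names from different OUs can collide once the rest of the DN is dropped, so a client that makes access decisions on them should only receive groups from a known base DN.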

-----Original Message-----
From: Marvin S. Addison [mailto:[email protected]]
Sent: Tuesday, 5 June 2012 13:51
To: [email protected]
Subject: Re: [cas-user] Retreive user attributes from A.D

> I have been trying for a few days to configure CAS to release attributes
> but without success.
>
> There is no error in the log file and I can see the attributes in cas.log:
...
> BUT attributes are not transferred to the client application.

Are you using SAML on the client to get the attribute payload?  See
https://wiki.jasig.org/display/CASUM/SAML+1.1 for more information.

M

--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access archives,
see http://www.ja-sig.org/wiki/display/JSG/cas-user

