On Mon, 30 Jul 2012, geist wrote:
I am trying to get user attrubutes, which I plan to use for
roles/permisisons management to show up in the cookie that CAS puts in
the client's browser.
In deployerConfigContext.xml I have configured attributeRepositiry via
org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao
and I am passing it to
org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver.
This seems to be working to the extend that I don't see any exceptions
in the logs anymore. But when I look at the browser cookie generated by
CAS upon authentication, I only see the session ticket, but no user
attributes. What am I missing? Are the user attributes passed outside
the cookie? or are they encoded inside the token, or perhaps they are
not being loaded and passed for some reason?
Thanks for any help/suggestions.
Attributes are not stored in the browser cookie (which is scoped to be
visible only to the CAS server anyways). If you want to retrieve user
attributes in your CAS client, you'll need to use the /samlValidate URL to
retrieve them as part of the CAS Service Ticket validation process.
https://wiki.jasig.org/display/CASUM/Attributes
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
