This is what I have:
In AD, I have an attribute called employeeNumber, I can also send you
my entire deployerConfigContext.xml. Thanks, Alex Adao

<property name="resultAttributeMapping">
                        <map>
                                <!-- Mapping between LDAP entry attributes 
(key) and
                                          Principal's (value) -->
                                <entry key="uid" value="uid" /> 
                                <entry key="employeeNumber" 
value="UDC_IDENTIFIER"/>
                        </map>
                </property>

<bean class="org.jasig.cas.services.RegisteredServiceImpl">
                        <property name="id" value="0" />
                        <property name="name" value="HTTP" />
                        <property name="description" value="Only
Allows HTTP Urls" />
                        <property name="serviceId" value="http://**"; />
                        <property name="allowedAttributes">
                         <list>
                                <value>UDC_IDENTIFIER</value>
                         </list>
                        </property>
  </bean>

<bean class="org.jasig.cas.services.RegisteredServiceImpl">
                        <property name="id" value="1" />
                        <property name="name" value="HTTPS" />
                        <property name="description" value="Only
Allows HTTPS Urls" />
                        <property name="serviceId" value="https://**"; />
                        <property name="allowedAttributes">
                         <list>
                            <value>UDC_IDENTIFIER</value>
                        </list>
                        </property>
                    </bean>


On Wed, Aug 15, 2012 at 2:59 PM, Qiong Dai <[email protected]> wrote:
> You will also need to add UDC_IDENTIFIER to your allowedAttributes property
> in your service.
>
> <bean class="org.jasig.cas.services.RegisteredServiceImpl">
> <property name="id" value="4" />
> <property name="name" value="INB" />
> <property name="description" value="Banner INB" />
> <property name="serviceId"
> value="http://krypton.wellesley.edu:8003/ssomanager/c/INB"; />
> <property name="allowedAttributes">
> <list>
> <value>UDC_IDENTIFIER</value>
> <value>uid</value>
> </list>
> </property>
> </bean>
>
> Qiong
>
> On Wed, Aug 15, 2012 at 2:52 PM, Andrew Morgan <[email protected]> wrote:
>>
>> On Wed, 15 Aug 2012, Alexandre Adao wrote:
>>
>>> Yes we created the the UDCid.
>>> I guess the problem we are having is that the CAS is not sending the
>>> UDCID that is stored in the AD.
>>> How do I configure CAS to pull the UDCID.  Thanks for your response in
>>> advance. Your help is really appreciated.
>>
>>
>> Have you configured CAS to pull attributes from AD?  Have a look at:
>>
>>   https://wiki.jasig.org/display/CASUM/Attributes
>>
>> We don't use AD here (for CAS anyways), but we do use LDAP.  Don't forget
>> you need to map udcid to a special name.  Here is a snippet from our config:
>>
>>   <property name="resultAttributeMapping">
>>           <map>
>>           <!-- Mapping between LDAP entry's attributes (key) and
>> Principal's (value) -->
>>           <entry key="uid" value="uid" />
>>           <entry key="udcid" value="UDC_IDENTIFIER" />
>>           <entry key="sn" value="lastname" />
>>           <entry key="givenname" value="firstname" />
>>           <entry key="cn" value="fullname" />
>>           <entry key="mail" value="email" />
>>
>> The SCT docs said it must be named "UDC_IDENTIFIER" in the attribute
>> release.
>>
>>         Andy
>>
>> --
>> You are currently subscribed to [email protected] as:
>> [email protected]
>>
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to