Thanks Misagh and Phillipe! Your advice helped a lot. I upped the logging level and hacked up some test scripts using phpCAS and it turns out that the server IS returning attributes. At this point, it 100% has to be an issue with the Drupal module.
Thanks for the great help/advice guys! _____________ Nathan Chowning From: Misagh Moayyed <[email protected]> To: [email protected], Date: 09/18/2012 02:26 AM Subject: RE: [cas-user] JDBC (using mysql) Attribute Release I would up the logging level to see whether log entries indicate the attributes you?re after for the principal. If that?s the case, I would then start with a sample test application on this page [1] or the one Marvin previously pointed out to see if I can consume attributes. If the sample app reveals that you can have correctly configured attribute release, then problem has to do with the way Drupal wants them from CAS. I can?t speak for the Drupal CAS server itself, but it?s likely that they have modified something to work the way Drupal wants attributes back. [1] https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example -Misagh From: [email protected] [ mailto:[email protected]] Sent: Monday, September 17, 2012 1:38 PM To: [email protected] Subject: RE: [cas-user] JDBC (using mysql) Attribute Release Thanks for the response Jonathan! I'm not really sure what you meant by your question. Basically we are using Drupal (via the CAS module) as the client connecting to CAS. I have been working on configuring/setting up a CAS server. We have also experimented with using the Drupal CAS module as a CAS server. The Drupal CAS server releases attributes to the client but for some reason my CAS server will not release attributes. In the CAS Services Manager, I see the attributes that I've defined and they are highlighted but it is not releasing them to a client. Thanks! _____________ Nathan Chowning From: "Liedy, Jonathan" <[email protected]> To: [email protected], Date: 09/14/2012 03:39 PM Subject: RE: [cas-user] JDBC (using mysql) Attribute Release Just to make sure, you?re looking for attribute release in the SAMLServiceValidate piece, right? Jonathan Liedy Middleware Administrator The Florida State University 2035 East Paul Dirac Drive Sliger, Suite 113 Tallahassee, FL 32310 [email protected] Voice: (850) 270-7368 From: [email protected] [ mailto:[email protected]] Sent: Friday, September 14, 2012 3:26 PM To: [email protected] Subject: RE: [cas-user] JDBC (using mysql) Attribute Release Thank you for the suggestion Misagh. I've been attempting to build this support into CAS (I guess I should mention that I'm using CAS 3.5.0). I'm still running into issues. It is building correctly with maven, authentication is still working beautifully, but for whatever reason it is not returning any attributes. Here is a link to our deployerConfigContext.xml - http://pastebin.com/rCV702GC Our user credential table and user attribute table looks like: http://pastebin.com/raw.php?i=fMBYCBBx Any ideas why attributes are not getting released? Am I missing something silly? Thanks so much for the help! _____________ Nathan Chowning From: Misagh Moayyed <[email protected]> To: [email protected], Date: 09/12/2012 12:50 PM Subject: RE: [cas-user] JDBC (using mysql) Attribute Release The person directory API has support for JDBC attribute release: https://wiki.jasig.org/display/PDM15/JDBC+Attribute+Source -Misagh From: [email protected] [ mailto:[email protected]] Sent: Wednesday, September 12, 2012 8:43 AM To: [email protected] Subject: [cas-user] JDBC (using mysql) Attribute Release Hello All, I have questions/concerns about attribute release with CAS. We are currently using JDBC to authenticate users against a mysql database. I've setup our "users" table to have 4 fields/columns (username, password, email, role). For our usage, we'd like for the email and role fields to be released as attributes. The CAS wiki page for attributes - https://wiki.jasig.org/display/CASUM/Attributes - mostly details attribute release from LDAP. Is it possible to release attributes from mysql? Does anyone have any experience with this? Thanks! _____________ Nathan Chowning -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
