We have had a CAS SSO deployment working for a couple of years using the
sAMAccount name AD value, we have some longer names now and I am using the UPN
value successfully for another installation where the UPN and email address
match. However another installation has a different domain name in AD than in
Google and I can;t seem to get it to work.
I have been trying to get
https://wiki.jasig.org/display/CASUM/Google+Apps+from+MS-AD+using+the+%27mail%27+attribute
to work for a few days and I am at a loss. I have configured
src/main/webapp/WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml
with:
<bean
name="googleAccountsArgumentExtractor"
class="org.jasig.cas.web.support.GoogleAccountsArgumentExtractor"
p:privateKey-ref="privateKeyFactoryBean"
p:publicKey-ref="publicKeyFactoryBean"
p:alternateUsername="EmailAddress"
p:httpClient-ref="httpClient" />
And src/main/webapp/WEB-INF/deployerConfigContext.xml with
<property name="resultAttributeMapping">
<map>
<!-- Mapping between LDAP attributes (key) and Principal's
(value) -->
<entry value="CN" key="cn" />
<entry value="DN" key="distinguishedName" />
<entry value="Groups" key="memberOf" />
<entry value="EmailAddress" key="sAMAccountName" />
</map>
</property>
And it does not seem to be working.
Ideas?
TIA,
Steve
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
