[cas-user] Passing attributes from the authentication handler to the attribute repository

Wed, 09 Apr 2014 00:01:31 -0700 

Hi, I'm having trouble populating attributes from LDAP in CAS 4.0.

My authenticator handler looks like this:

        <bean id="ldapAuthenticationHandler"
              class="org.jasig.cas.authentication.LdapAuthenticationHandler"
              c:authenticator-ref="authenticator"
              p:principalIdAttribute="uid"
              p:ldapPasswordPolicyConfiguration-ref="passwordPolicy">
                <!--
                   | This map provides a simple attribute resolution mechanism.
                   | Keys are LDAP attribute names, values are CAS attribute 
names.
                   | Use this facility instead of a PrincipalResolver if LDAP is
                   | the only attribute source.
                   -->
            <property name="principalAttributeMap">
                <map>
                    <entry key="cn" value="cn" />
                    <entry key="mail" value="mail" />
                    <entry key="telephonenumber" value="telephonenumber" />
                </map>
            </property>
        </bean>

I just want these attributes to be passed to the attribute repository so they 
can be fetched by the clients.

According to the documentation, It looks like I need a second call to LDAP, 
something like this:

        <bean id="attributeRepository" 
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
          <property name="contextSource" ref="pooledLdapConnectionFactory" />
          <property name="baseDN" value="${ldap.baseDn}" />
          <property name="requireAllQueryAttributes" value="true" />
         
          <!--
          Attribute mapping between principal (key) and LDAP (value) names
          used to perform the LDAP search.  By default, multiple search criteria
          are ANDed together.  Set the queryType property to change to OR.
          -->
          <property name="queryAttributeMapping">
            <map>
              <entry key="uid" value="uid" />
            </map>
          </property>
         
          <property name="resultAttributeMapping">
            <map>
              <!-- Mapping beetween LDAP entry attributes (key) and Principal's 
(value) -->
              <entry value="cn" key="cn" />
              <entry value="mail" key="mail" />
              <entry key="telephonenumber" value="telephonenumber" />
            </map>
          </property>
        </bean>

But it seems not to be working in 4.0, as it uses Spring LDAP and not ldaptive. 
Furthermore, I just want to use the attributes fetched at the authentication.

Any hints? thanks!
-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to