Well, seems like a clock drift issue.
In your sample app’s WEB-INF/classes, put a log4j file with DEBUG output enabled so you can observe the assertion that the client is receiving and other possible warning messages. Also, for your CAS server log configuration, enable DEBUG for the root logger and that will show you the assertion generated. The client log output will tell you if there is a clock drift and why. From: Gianluca Diodato [mailto:[email protected]] Sent: Monday, May 18, 2015 3:37 AM To: [email protected] Cc: [email protected]; [email protected] Subject: Re: [cas-user] Empty Attribute Map Hi Misagh, I tried to deploy application example for SAML you linked me in my apache tomcat but after login to cas server I was redirect to a page error as you can see in attached. No error in tomcat log. My cas server log is this one: 2015-05-18 12:21:31,427 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <SearchModeSearchDatabaseAuthenticationHandler successfully authenticated [email protected]+password <mailto:[email protected]+password> > 2015-05-18 12:21:31,428 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - <Attempting to resolve a principal...> 2015-05-18 12:21:31,428 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - <Creating SimplePrincipal for [[email protected]]> 2015-05-18 12:21:31,428 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Created seed map='{username=[[email protected]]}' for uid='[email protected]'> 2015-05-18 12:21:31,428 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Adding attribute 'email' with value '[[email protected]]' to query builder 'null'> 2015-05-18 12:21:31,429 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Generated query builder 'sql=[email = ?] args=[[email protected]]' from query Map {username=[[email protected]]}.> 2015-05-18 12:21:31,436 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Executed 'SELECT first_name, last_name, email, user_type, mobile, gender, age FROM user WHERE {0}' with arguments [[email protected]] and got results [{first_name=gianluca, last_name=diodato, [email protected] <mailto:[email protected]> , user_type=CNR_EMPLOYEE, mobile=3333333333, gender=MALE, age=37}]> 2015-05-18 12:21:31,438 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@1417bcc resolved [email protected] from [email protected]+password <mailto:org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@1417bcc%20resolved%[email protected]%20from%[email protected]+password> > 2015-05-18 12:21:31,440 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated [email protected] <mailto:[email protected]> with credentials [[email protected]+password].> 2015-05-18 12:21:31,440 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for [email protected] <mailto:[email protected]> : {first_name=gianluca, user_type=CNR_EMPLOYEE, age=37, last_name=diodato, gender=MALE, mobile=3333333333}> 2015-05-18 12:21:31,440 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: supplied credentials: [[email protected]+password] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Mon May 18 12:21:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-18 12:21:31,441 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org] to registry.> 2015-05-18 12:21:31,442 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Mon May 18 12:21:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-18 12:21:31,442 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed cookie with name [CASPRIVACY]> 2015-05-18 12:21:31,442 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org]> 2015-05-18 12:21:31,442 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org] found in registry.> 2015-05-18 12:21:31,443 DEBUG [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie with name [CASTGC] and value [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org]> 2015-05-18 12:21:31,445 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org]> 2015-05-18 12:21:31,445 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org] found in registry.> 2015-05-18 12:21:31,448 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Generated service ticket id [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb] for ticket granting ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org]> 2015-05-18 12:21:31,449 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb] to registry.> 2015-05-18 12:21:31,449 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb] for service [http://localhost:8080/cas-sample-java-webapp/] for user [[email protected]]> 2015-05-18 12:21:31,450 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org]> 2015-05-18 12:21:31,450 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [TGT-1-6OUZEPv4ESsX9LJtLqbZo4ZhdxhyDUgBjld3L1PQQhape3HcsH-cassso.smartcampus.org] found in registry.> 2015-05-18 12:21:31,450 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [email protected] <mailto:[email protected]> WHAT: AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb for http://localhost:8080/cas-sample-java-webapp/ ACTION: SERVICE_TICKET_CREATED APPLICATION: CAS WHEN: Mon May 18 12:21:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-18 12:21:31,790 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Attempted to extract Request from HttpServletRequest. Results:> 2015-05-18 12:21:31,791 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Request Body: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_a296e8c1fbd51b4423a47a89b18bf03c" IssueInstant="2015-05-18T10:22:03Z"><samlp:AssertionArtifact>AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>> 2015-05-18 12:21:31,791 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Extracted ArtifactId: AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb> 2015-05-18 12:21:31,791 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Extracted Request Id: _a296e8c1fbd51b4423a47a89b18bf03c> 2015-05-18 12:21:31,791 DEBUG [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - <Extractor generated service for: http://localhost:8080/cas-sample-java-webapp/?TARGET=http%3A%2F%2Flocalhost%3A8080%2Fcas-sample-java-webapp%2F> 2015-05-18 12:21:31,792 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb] found in registry.> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [first_name] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [last_name] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [user_type] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [mobile] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [gender] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [age] in the list of allowed attributes for service [SmartMobility]> 2015-05-18 12:21:31,793 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Principal id to return for service [SmartMobility] is [[email protected]]. The default principal id is [[email protected]].> 2015-05-18 12:21:31,794 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb] from registry> 2015-05-18 12:21:31,794 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb]> 2015-05-18 12:21:31,794 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb ACTION: SERVICE_TICKET_VALIDATED APPLICATION: CAS WHEN: Mon May 18 12:21:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-18 12:21:31,808 DEBUG [org.jasig.cas.web.ServiceValidateController] - <Successfully validated service ticket AAFwh2SmEkJ3dfLX9qXYPPU6ah+bng3yxNnDzWUSGlVUBejuxdBA0Ehb for service [http://localhost:8080/cas-sample-java-webapp/?TARGET=http%3A%2F%2Flocalhost%3A8080%2Fcas-sample-java-webapp%2F]> 2015-05-18 12:21:31,810 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Attempted to extract Request from HttpServletRequest. Results:> 2015-05-18 12:21:31,810 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Request Body: > 2015-05-18 12:21:31,810 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Extracted ArtifactId: null> 2015-05-18 12:21:31,810 DEBUG [org.jasig.cas.support.saml.authentication.principal.SamlService] - <Extracted Request Id: null> 2015-05-18 12:21:31,810 DEBUG [org.jasig.cas.support.saml.web.support.SamlArgumentExtractor] - <Extractor generated service for: http://localhost:8080/cas-sample-java-webapp/?TARGET=http%3A%2F%2Flocalhost%3A8080%2Fcas-sample-java-webapp%2F> 2015-05-18 12:22:57,794 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-18 12:22:57,795 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-18 12:22:57,795 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/.*> 2015-05-18 12:22:57,795 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> What wrong? Best Gianluca Il giorno venerdì 15 maggio 2015 16:32:32 UTC+2, Misagh Moayyed ha scritto: Here is an example on how to configure the SAML authn and validation filters in your app: https://github.com/UniconLabs/cas-sample-java-webapp/blob/master/src/main/webapp/WEB-INF/web.xml From: Misagh Moayyed [mailto:[email protected] <javascript:> ] Sent: Friday, May 15, 2015 7:29 AM To: [email protected] <javascript:> Subject: Re: [cas-user] Empty Attribute Map If your app is protected by the Java CAS client, you have a number of options: 1. Use SAML validation and authentication filters, or 2. Modify the CAS server's validation jsp to return attributes, or 3. Use the validator in CAS client 3.4.0 (for which you will need to download the client code, build the jar and include it in the app for now) that allows you to point to /p3/serviceValidate #1 would probably be the easiest to configure for now. _____ From: "Gianluca Diodato" <[email protected] <javascript:> > To: [email protected] <javascript:> Cc: [email protected] <javascript:> , [email protected] <javascript:> Sent: Friday, May 15, 2015 5:57:08 AM Subject: Re: [cas-user] Empty Attribute Map Ok, I understand now in effect into ticketExpirationPolicies.xml I can read 1 time use of ticket. So, what is the right choice to do in order to retrieve my own attributes for my service after login from my client java webapp? thanks Gianluca Il giorno venerdì 15 maggio 2015 14:47:07 UTC+2, Misagh Moayyed ha scritto: Because you are validating the same ticket id twice. Your java webapp receives ST-4 and validates it. When a ST is validated, it is expired and thus removed. Then, you attempt to execute the same operation in your browser, which causes validation to fail. STs can be only be used once, unless you change the expiration policy for STs. From: Gianluca Diodato [mailto:[email protected]] Sent: Friday, May 15, 2015 5:44 AM To: [email protected] <mailto:[email protected]> Cc: [email protected] <mailto:[email protected]> ; [email protected] <mailto:[email protected]> Subject: Re: [cas-user] Empty Attribute Map Hi Misagh, why you said I have 2 requests to validate the same ticket?? I don't understand... In the log that I posted there are a SERVICE_TICKET_VALIDATED (after login from my java webapp client side) and a SERVICE_TICKET_VALIDATE_FAILED (from my browser client side when I tried to access this url https://cas_server/cas/p3/serviceValidate?ticket=ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://st-4-yagp66sconktxo1v5zct-cassso.smartcampus.org/> &service=http://localhost:8080/Campus/mainpage.jsp <http://www.google.com/url?q=http%3A%2F%2Flocalhost%3A8080%2FCampus%2Fmainpage.jsp&sa=D&sntz=1&usg=AFQjCNGR0ce21s5VKuT8uLduzW-gGTU7kg> ). What Wrong? Gianluca Il giorno venerdì 15 maggio 2015 14:03:41 UTC+2, Misagh Moayyed ha scritto: Your CAS client is attempting to resuse a service ticket, or it’s submitting the same request twice. It validates ST-4 and about a minute later it attempts to validate it again. That won’t work. Monitor traffic and see why you have two requests to validate the same ticket. From: Gianluca Diodato [mailto:[email protected]] Sent: Friday, May 15, 2015 4:44 AM To: [email protected] <mailto:[email protected]> Cc: [email protected] <mailto:[email protected]> ; [email protected] <mailto:[email protected]> Subject: Re: [cas-user] Empty Attribute Map Hi Misagh, This is my last test with deployerConfigContext.xml file. Anyway I don't access to any serviceValidate page (Cas2,Cas3,Saml). When I'm trying to acces I have always this answer: 2015-05-15 13:18:23,465 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:18:23,465 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:18:23,465 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:18:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:19:31,657 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ]> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ] found in registry.> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter] - <Found attribute [first_name] in the list of allowed attributes for service [Test CAS]> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Principal id to return for service [Test CAS] is [[email protected]]. The default principal id is [[email protected]].> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ] from registry> 2015-05-15 13:19:31,658 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ]> 2015-05-15 13:19:31,658 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ACTION: SERVICE_TICKET_VALIDATED APPLICATION: CAS WHEN: Fri May 15 13:19:31 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-15 13:19:31,659 DEBUG [org.jasig.cas.web.ServiceValidateController] - <Successfully validated service ticket ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> for service [http://localhost:8080/Campus/mainpage.jsp]> 2015-05-15 13:20:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:20:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:20:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:20:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:22:23,465 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:22:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:22:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:22:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:24:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered services.> 2015-05-15 13:24:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:24:23,466 DEBUG [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered service http://localhost:8080/SmartMobility/.*> 2015-05-15 13:24:23,466 INFO [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 2 services.> 2015-05-15 13:25:08,452 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://localhost:8080/Campus/mainpage.jsp> 2015-05-15 13:25:08,452 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ]> 2015-05-15 13:25:08,453 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <ServiceTicket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ] does not exist.> 2015-05-15 13:25:08,453 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to retrieve ticket [ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ]> 2015-05-15 13:25:08,453 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org <http://ST-4-yaGp66SconKtxo1v5ZCt-cassso.smartcampus.org> ACTION: SERVICE_TICKET_VALIDATE_FAILED APPLICATION: CAS WHEN: Fri May 15 13:25:08 CEST 2015 CLIENT IP ADDRESS: 146.48.89.203 SERVER IP ADDRESS: 146.48.89.135 ============================================================= > 2015-05-15 13:25:08,453 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages_en] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:custom_messages] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <No properties file found for [classpath:messages_en] - neither plain properties nor XML> 2015-05-15 13:25:08,454 DEBUG [org.jasig.cas.web.view.CasReloadableMessageBundle] - <Re-caching properties for filename [classpath:messages] - file hasn't been modified> I modified expiredtimeout of ticket from 10 seconds to 600 seconds in ticketExpirationPolicies.xml, but doesn't work. Best Gianluca Il giorno venerdì 15 maggio 2015 11:12:56 UTC+2, Misagh Moayyed ha scritto: Are you allowing attributes for release? Is your client talking to /p3/serviceValidate? From: Gianluca Diodato [mailto:[email protected]] Sent: Friday, May 15, 2015 1:41 AM To: [email protected] <mailto:[email protected]> Subject: Re:[cas-user] Empty Attribute Map Same problem with Java Cas Client but no answers yet from community.. I'm almost depressed. Gianluca Il giorno giovedì 14 maggio 2015 12:33:26 UTC+2, Luís Lobo ha scritto: Hi! I am using CAS Server version 4.0.1 and I am having trouble with the attributes. The problem is that in the client side (phpCAS) the attribute map is empty. The relevant parts in my deployerConfigContext.xml are: <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager"> <constructor-arg> <map> <entry key-ref="userAuthHandler" value-ref="principalResolver" /> </map> </constructor-arg> <property name="authenticationPolicy"> <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" /> </property> </bean> The principal resolver is declared as: <bean id="personAttributeDao" class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource" /> <constructor-arg index="1" value="${auth.resolverSql}" /> <property name="queryAttributeMapping"> <map> <entry key="username" value="username" /> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="login" value="login" /> <entry key="client_id" value="client_id" /> </map> </property> </bean> <bean id="principalResolver" class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" p:principalAttributeName="username" p:attributeRepository-ref="personAttributeDao" p:returnNullIfNoAttributes="true" /> The relevant log line in the console is: ... -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
