thanks Scott, i tried to add this
${fn:escapeXml(assertion.chainedAuthentications[fn:length (assertion.chainedAuthentications)-1].principal.id)}
to casGenericSuccess.jsp but it didn't return anything. I think I missed something but not sure what :) thanks On Aug 7, 2007, at 12:06 PM, Scott Battaglia wrote:
Barrow,I've updated the web site to reflect the Subversion information. Thanks for pointing that out.The PersonDirectory API javadocs should be up to date (according to their title): http://developer.ja-sig.org/projects/person-directory/apidocs/ index.htmlIf you take a look at:http://developer.ja-sig.org/source/browse/jasigsvn/cas3/trunk/cas- server-webapp/src/main/webapp/WEB-INF/view/jsp/default/protocol/2.0/ casServiceValidationSuccess.jsp?r=39553the thing to reference the principal is as follows:assertion.chainedAuthentications[fn:length (assertion.chainedAuthentications)-1].principal(you can obviously place that in a variable using <c:set... />) Hope that helps. -Scott On 8/6/07, Barrow Kwan <[EMAIL PROTECTED]> wrote:Thanks Scott. I took a quick look and this seems to be straightforward.I have a few comments :1. on CAS website, it show us the CVS information. I didn't realize that until you mention about Subversion. I have to do a search on the Wiki site to find out the SVN location. 2. the Personal Directory site seems out-of-date especially if I use personal directory V1.I think my question about accessing the attributes in the JSP is not very clear, what I really mean is if principal is available as a tag ( eg, I can reference principal in the JSP as $(principal) throught the Spring Tag library ).thanks On Aug 5, 2007, at 5:46 PM, Scott Battaglia wrote:I just looked at the RC4 code and the UsernamePasswordCredentialsToPrincipalResolver should call the PersonDirectory to retrieve any attributes for that username. You wil need to configure an instance of PersonDirectoryPersonDirectory documentation can be found here: http://developer.ja-sig.org/projects/person-directory/ http://www.ja-sig.org/wiki/display/UPC/Person+Directory The first link is probably more up-to-date. -Scott On 8/5/07, Scott Battaglia < [EMAIL PROTECTED]> wrote: Barrow,You can either use one of the existing examples that utilizes the PersonDirectory project to retrieve attributes. Or, you can write a custom CredentialsToPrincipalResolver that will call PersonDirectory. I'm going to see if I can write one that does that for the 3.1 release.You should be able to access the attributes in the JSP page as you would any other JavaBean in principal.attributes["attribute"] where principal is the principal whos attribute you want to retrieve.If I get a new CredentialsToPrincipalResolver into Subversion I will let you know.-Scott On 8/5/07, Barrow Kwan < [EMAIL PROTECTED]> wrote: I am still not sure how this works, ( PS: I am using CAS 3.1RC4 ) 1. Principal:I have looked at UsernamePasswordCredentialsToPrincipalResolver as an example. It creates and return the Principal as..return new SimplePrincipal(usernamePasswordCredentials.getUsername ());..So, do I need to create the "attributes" map and pass to the Principal's constructor?egreturn new MyComplexPrincipal (usernamePasswordCrednetials.getUsername(), myAttributesMapWithAdditionalStuff );myAttributesMapWithAdditionalStuff is my Map that contain informations like email, first/last name ,etc...2. I am trying to customize casGenericSuccess.jsp, how do I retrieve information from MyComplexPrincipal?Thanks On Aug 2, 2007, at 5:56 AM, Scott Battaglia wrote:In the latest CAS release, the Principal has a new property called "attributes" which is map. There are implementations that obtain attributes from the JA-SIG PersonDirectory API and populate that map. CAS 3.1 will return those attributes via the SAML response (though you'll need to use it in conjunction with the Services Management tool to "release" the attributes to the client applications).In Subversion, there should be a SAMLTicketValidator that will parse the SAML response. Note that its not 100% compatible with the current CAS Server release because the protocol states that the artifact resolution request should come over SOAP (the TicketValidator in HEAD merely sends it as a HTTP Request parameter). Its not a very difficult change to make though. I just haven't had time yet.-Scott On 8/1/07, Barrow Kwan < [EMAIL PROTECTED]> wrote: this question was asked back to april and Scott said :You just need to create a CredentialsToPrincipalResolver that returns attributes and then use the /samlValidate url instead of / serviceValidate (and an appropriate TicketValidator). The CAS Client for Java 3.1-m1 has aSamlTicketValidator you can use as an example. -ScottI still stuck with the Saml, did someone has a working example we can reference?thanks Barrow Kwan ThoughtWorks Inc 410 Townsend St, 4th Floor San Francisco, CA 94107 USA (415)869-3103 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/casBarrow Kwan ThoughtWorks Inc 410 Townsend St, 4th Floor San Francisco, CA 94107 USA (415)869-3103 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/casBarrow Kwan ThoughtWorks Inc 410 Townsend St, 4th Floor San Francisco, CA 94107 USA (415)869-3103 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
Barrow Kwan ThoughtWorks Inc 410 Townsend St, 4th Floor San Francisco, CA 94107 USA (415)869-3103
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
