I see your point, I went in and made it a single value, p:allowedAttributes="eduPersonAffiliation">
but alas,.... still the same result. -Erik scott_battaglia wrote: > > I can't recall, will Spring convert comma separated lists into an array of > Strings? > > -Scott > > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > On Thu, Sep 18, 2008 at 6:59 PM, Guss, Erik <[EMAIL PROTECTED]> wrote: > >> Hi, >> >> I am trying to get the PersonAttributeMapper working correctly. I've >> included the relevant snippets (sanitized with ###) of my >> deployerConfigContext.xml, catalina.out, and ldap.log, in that order. >> Everything works correctly except that the PersonAttributeMapper is not >> executing the 2nd ldap search with any attributes (see ldap.log), >> resulting in an empty attribute list. I have verified the attribute is >> populated by comparing a direct ldap search. This is CAS-3.2.1. >> >> Thanks for any help - Erik >> >> >> ---snippet deployerConfigContext.xml --- >> <bean >> class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttribute >> PrincipalResolver"> >> <property name="credentialsToPrincipalResolver"> >> <bean >> class="org.jasig.cas.authentication.principal.UsernamePasswordCredential >> sToPrincipalResolver" /> >> </property> >> <property name="filter" value="(###EduPersonGID=%u)" /> >> <property name="principalAttributeName" value="uid" /> >> <property name="searchBase" >> value="ou=people,dc=###,dc=edu" /> >> <property name="contextSource" ref="contextSource" /> >> <property name="attributeRepository"> >> <ref bean="attributeRepository" /> >> </property> >> </bean> >> >> <bean id="attributeRepository" >> class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao" >> > >> <property name="baseDN" >> value="ou=people,dc=###,dc=edu" /> >> <property name="query" value="(uid={0})" /> >> <property name="contextSource" ref="contextSource" /> >> <property name="ldapAttributesToPortalAttributes"> >> <map> >> <entry key="eduPersonAffiliation" >> value="eduPersonAffiliation" /> >> </map> >> </property> >> </bean> >> <bean id="serviceRegistryDao" >> >> class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> >> <property name="registeredServices"> >> <list> >> <bean >> class="org.jasig.cas.services.RegisteredServiceImpl" >> p:id="1" >> p:description="All" >> p:serviceId="*://*.lib.###.edu/**" >> p:name="All" >> p:theme="default" >> p:allowedToProxy="true" >> p:enabled="true" >> p:ssoEnabled="true" >> p:anonymousAccess="false" >> >> p:allowedAttributes="uid,eduPersonAffiliation"> >> </bean> >> <bean >> class="org.jasig.cas.services.RegisteredServiceImpl" >> p:id="2" >> p:description="All with ports" >> p:serviceId="*://*.lib.###.edu:2048/**" >> p:name="All with ports" >> p:theme="default" >> p:allowedToProxy="true" >> p:enabled="true" >> p:ssoEnabled="true" >> p:anonymousAccess="false" >> >> p:allowedAttributes="uid,###EduPersonGID,eduPersonAffiliation"> >> </bean> >> </list> >> ---snippet deployerConfigContext.xml --- >> >> ---snippet catalina.out --- >> > 2008-09-18 15:42:13,947 INFO >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - >> <AuthenticationHandler: >> org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandle >> r successfully authenticated the user which provided the following >> credentials: ###> >> > 2008-09-18 15:42:13,947 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <Attempting to resolve a principal...> >> > 2008-09-18 15:42:13,947 DEBUG >> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPri >> ncipalResolver] - <Attempting to resolve a principal...> >> > 2008-09-18 15:42:13,947 DEBUG >> [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPri >> ncipalResolver] - <Creating SimplePrincipal for [###]> >> > 2008-09-18 15:42:13,948 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <Resolved ###. Trying LDAP resolve now...> >> > 2008-09-18 15:42:13,949 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <LDAP search with filter "(###EduPersonGID=###)"> >> > 2008-09-18 15:42:13,949 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <returning searchcontrols: scope=2; search >> base=ou=people,dc=###,dc=edu; attributes=[uid]; timeout=1000> >> > 2008-09-18 15:42:14,278 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <Resolved ### to ###.###> >> > 2008-09-18 15:42:14,278 DEBUG >> [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrinci >> palResolver] - <Creating SimplePrincipal for [###.###]> >> > 2008-09-18 15:42:14,338 WARN >> [org.jasig.services.persondir.support.ldap.PersonAttributesMapper] - >> <Converting value 0 of LDAP attribute 'eduPersonAffiliation' from byte[] >> to String> >> > 2008-09-18 15:42:14,343 INFO >> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service >> ticket [ST-1-A1sxK09Lefq5IOIKUb56-cas] for service >> [https://server.lib.###.edu/staff/phpcas/simple.php] for user [###.###]> >> > 2008-09-18 15:44:17,317 INFO >> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service >> ticket [ST-2-joTfeEMII1eBJsbGbtTq-cas] for service >> [https://server.lib.###.edu/staff/phpcas/simple.php] for user [###.###]> >> > 2008-09-18 15:46:44,754 INFO >> [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service >> ticket [ST-3-W0gcHgM05UYGXIXHj0LU-cas] for service >> [http://server.lib.###.edu:2048/login?qurl=ezp.1aHR0cDovL3d3dy5saWIubW9u >> dGFuYS5lZHUvcmVzZXJ2ZXMvYWNjdDUzMC8-] for user [###.###]> >> ---snippet catalina.out --- >> >> ---snippet ldap.log --- >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 fd=12 ACCEPT from >> IP=###:50869 (IP=0.0.0.0:636) >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 fd=12 TLS established >> tls_ssf=128 ssf=128 >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=0 BIND dn="" method=128 >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=0 RESULT tag=97 err=0 >> text= >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=1 SRCH >> base="ou=people,dc=###,dc=edu" scope=2 deref=3 filter="(###=###)" >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=1 SRCH attr=uid >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=1 SEARCH RESULT tag=101 >> err=0 nentries=1 text= >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 op=2 UNBIND >> > Sep 18 15:42:14 ### slapd[4200]: conn=125 fd=12 closed >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 fd=12 ACCEPT from >> IP=###:50870 (IP=0.0.0.0:636) >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 fd=12 TLS established >> tls_ssf=128 ssf=128 >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 op=0 BIND dn="" method=128 >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 op=0 RESULT tag=97 err=0 >> text= >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 op=1 SRCH >> base="ou=people,dc=###,dc=edu" scope=2 deref=3 filter="(uid=###.###)" >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 op=1 SEARCH RESULT tag=101 >> err=0 nentries=1 text= >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 op=2 UNBIND >> > Sep 18 15:42:14 ### slapd[4200]: conn=126 fd=12 closed >> _______________________________________________ >> Yale CAS mailing list >> [email protected] >> http://tp.its.yale.edu/mailman/listinfo/cas >> > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- View this message in context: http://www.nabble.com/PersonAttributeMapper-not-asking-for-any-attributes-tp19563451p19580180.html Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
