Hi, In fact, I'm retrieving the user identity using the *getPrincipals *method of the *Subject *class: https://github.com/leleuj/buji-pac4j-demo/blob/master/src/main/webapp/index.jsp#L33 . The first principal is the uid, the second one if the pac4j user profile (FacebookProfile, TwitterProfile...) Best regards, Jérôme
2014/1/17 Eduardo J. Ortega U [via Shiro User] < [email protected]> > Hi, Jérôme: > > I set up debut and read this: > > INFO: 2014-01-17 10:39:35,529 DEBUG > [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Attribute map > for administrator: {Name=Administrator}> > > It seems like the attribute is being mapped, but for some reason I cannot > access it. Or perhaps I am trying to access it in the wrong way. This is > what I am doing: > > Subject currentUser = SecurityUtils.getSubject(); > AttributePrincipal principal = > (AttributePrincipal)request.getUserPrincipal(); > Map attributes = principal.getAttributes(); > > But the cast from request to AttributePrincipal fails: > > java.lang.ClassCastException: > org.apache.shiro.web.servlet.ShiroHttpServletRequest$ObjectPrincipal cannot > be cast to org.jasig.cas.client.authentication.AttributePrincipal > > Is this the right way to do it? > > Below is the full log from CAS. Thans for any guide you can provide. > > INFO: 2014-01-17 10:39:22,169 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated > service for: http://localhost:8080/InteraccionSonriaCore/shiro-cas> > INFO: 2014-01-17 10:39:22,195 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org > ]> > INFO: 2014-01-17 10:39:22,200 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org > ]> > INFO: 2014-01-17 10:39:22,212 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: http://localhost:8080/InteraccionSonriaCore/shiro-cas > ACTION: SERVICE_TICKET_NOT_CREATED > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:22 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:22,215 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated > service for: http://localhost:8080/InteraccionSonriaCore/shiro-cas> > INFO: 2014-01-17 10:39:35,443 DEBUG > [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - > <Performing LDAP bind with credential: > uid=administrator,ou=People,dc=example,dc=com,dc=co> > INFO: 2014-01-17 10:39:35,474 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - > <org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler successfully > authenticated [username: administrator]> > INFO: 2014-01-17 10:39:35,474 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] > - <Attempting to resolve a principal...> > INFO: 2014-01-17 10:39:35,474 DEBUG > [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] > - <Creating SimplePrincipal for [administrator]> > INFO: 2014-01-17 10:39:35,474 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - > <Created seed map='{username=[administrator]}' for uid='administrator'> > INFO: 2014-01-17 10:39:35,475 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - > <Adding attribute 'uid' with value '[administrator]' to query builder > 'null'> > INFO: 2014-01-17 10:39:35,482 DEBUG > [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - > <Generated query builder '(uid=administrator)' from query Map > {username=[administrator]}.> > INFO: 2014-01-17 10:39:35,528 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved > principal administrator> > INFO: 2014-01-17 10:39:35,528 INFO > [org.jasig.cas.authentication.AuthenticationManagerImpl] - [hidden > email]<http://user/SendEmail.jtp?type=node&node=7579529&i=0> > INFO: 2014-01-17 10:39:35,529 DEBUG > [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Attribute map > for administrator: {Name=Administrator}> > INFO: 2014-01-17 10:39:35,532 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: [username: administrator] > WHAT: supplied credentials: [username: administrator] > ACTION: AUTHENTICATION_SUCCESS > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:35 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:35,537 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org] > to registry.> > INFO: 2014-01-17 10:39:35,537 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: [username: administrator] > WHAT: > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org > ACTION: TICKET_GRANTING_TICKET_CREATED > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:35 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:35,538 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed > cookie with name [CASPRIVACY]> > INFO: 2014-01-17 10:39:35,538 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie > with name [CASTGC] and value [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org > ]> > INFO: 2014-01-17 10:39:35,539 DEBUG > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Removing ticket [ > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org] > from registry.> > INFO: 2014-01-17 10:39:35,539 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org > ]> > INFO: 2014-01-17 10:39:35,539 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org > ]> > INFO: 2014-01-17 10:39:35,539 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: > TGT-27-ilyCEfM7aAHpE7dQfaAEYeh69s5GItx3Yc6tdTqPTZ1np0TdFu-cas01.example.org > ACTION: TICKET_GRANTING_TICKET_DESTROYED > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:35 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:35,540 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org > ]> > INFO: 2014-01-17 10:39:35,540 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org] > found in registry.> > INFO: 2014-01-17 10:39:35,543 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [ > ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org] to registry.> > INFO: 2014-01-17 10:39:35,543 INFO > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ > ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org] for service [ > http://localhost:8080/InteraccionSonriaCore/shiro-cas] for user > [administrator]> > INFO: 2014-01-17 10:39:35,543 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org > ]> > INFO: 2014-01-17 10:39:35,543 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ > TGT-1-Hr6RBu62I5Ws41yj1LT1B2YtCQLtv2YceaWrow6zyuPBSKiv1G-cas01.example.org] > found in registry.> > INFO: 2014-01-17 10:39:35,544 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: administrator > WHAT: ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org for > http://localhost:8080/InteraccionSonriaCore/shiro-cas > ACTION: SERVICE_TICKET_CREATED > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:35 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:35,568 DEBUG > [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated > service for: http://localhost:8080/InteraccionSonriaCore/shiro-cas> > INFO: 2014-01-17 10:39:35,570 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org]> > INFO: 2014-01-17 10:39:35,570 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Ticket [ > ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org] found in registry.> > INFO: 2014-01-17 10:39:35,570 DEBUG > [org.jasig.cas.CentralAuthenticationServiceImpl] - <Principal id to return > for service [HTTP and IMAP] is [administrator]. The default principal id is > [administrator].> > INFO: 2014-01-17 10:39:35,575 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Removing ticket [ > ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org] from registry> > INFO: 2014-01-17 10:39:35,575 DEBUG > [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Attempting to > retrieve ticket [ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org]> > INFO: 2014-01-17 10:39:35,575 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit > trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org > ACTION: SERVICE_TICKET_VALIDATED > APPLICATION: CAS > WHEN: Fri Jan 17 10:39:35 COT 2014 > CLIENT IP ADDRESS: 127.0.0.1 > SERVER IP ADDRESS: 127.0.0.1 > ============================================================= > > > INFO: 2014-01-17 10:39:35,600 DEBUG > [org.jasig.cas.web.ServiceValidateController] - <Successfully validated > service ticket: ST-1-evdgwpfSen9mPhEt2OxN-cas01.example.org> > INFO: 2014-01-17 10:40:29,819 INFO > [org.jasig.cas.services.DefaultServicesManagerImpl] - <Reloading registered > services.> > INFO: 2014-01-17 10:40:29,821 DEBUG > [org.jasig.cas.services.DefaultServicesManagerImpl] - <Adding registered > service ^(https?|imaps?)://.*> > INFO: 2014-01-17 10:40:29,821 INFO > [org.jasig.cas.services.DefaultServicesManagerImpl] - <Loaded 1 services.> > > > -- > Eduardo J. Ortega > Tel: 57+1+2553580 > Cel: 57+317+4415156 > Zürich > CL 72 5 83 Piso 11, Bogotá, CO. > > On 17/01/14 02:03, jleleu wrote: > > Hi, > > Good for SLO! > > Would you mind enablig *DEBUG *logs on *org.jasig* to see what's going on > in your Shiro application regarding SAML? > > Thanks. > Best regards, > Jérôme > > > > 2014/1/16 Eduardo J. Ortega U [via Shiro User] <[hidden email] > <http://user/SendEmail.jtp?type=node&node=7579529&i=1>> > > > Just to update, SIngle Sign Out works, the problem was my Shiro > application didn't have the signout filters before the rest... I moved > them up and it's working. However, the attribute retrieval from CAS is > still failing (When I set up SAML validation protocol, I get always > redirected to casFilter.failureUrl). All required JARs are already > available on classpath. Any help is greatly appeciated. > > Regards, > > -- > Eduardo J. Ortega > Tel: 57+1+2553580 > Cel: 57+317+4415156 > Zürich > CL 72 5 83 Piso 11, Bogotá, CO. > > On 16/01/14 11:33, Eduardo J. Ortega U wrote: > > > Hi, Jérôme: > > Thanks for the info on the logout, I will try and report back. About > the attributes issue, I tried setting casRealm.validationProtocol = > SAML but when I try to access the protected areas, I get redirected to > CAS, do login and then I get redirected to my casFilter.failureUrl = > /error.jsp instead of my protected page. > From https://wiki.jasig.org/display/CASUM/SAML+1.1 I understand that > my application should be submitting a POST request to cas/samlValidate > , I did some sniffing with wireshark and see no such request taking > place. Here's my shiro.ini (CAS protected areas are under protected, > feel free to ignore filters applytin to other sections): > > [main] > cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager > securityManager.cacheManager = $cacheManager > cauthc=co.com.sonria.seguridad.FiltroAutenticacion > cauthc.loginUrl = /publico/login.jsf > cauthc.successUrl = /comun/bienvenido.jsf > logout.redirectUrl = /publico/login.jsf > cauthc.usernameParam = j_username > cauthc.passwordParam = j_password > cauthc.failureKeyAttribute = loginFailure > casFilter = org.apache.shiro.cas.CasFilter > casFilter.failureUrl = /error.jsp > casRealm = org.apache.shiro.cas.CasRealm > casRealm.defaultRoles = ROLE_USER > #casRealm.defaultPermissions > #casRealm.roleAttributeNames > #casRealm.permissionAttributeNames > casRealm.validationProtocol = SAML > #casRealm.casServerUrlPrefix = http://192.168.88.207:8080/cas/ > casRealm.casServerUrlPrefix =http://192.168.88.103:8080/cas-server-webapp/ > casRealm.casService > =http://192.168.88.103:8080/InteraccionSonriaCore/shiro-cas > casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory > securityManager.subjectFactory = $casSubjectFactory > #roles.loginUrl = > > > > https://192.168.88.207:8181/cas/login?service=http://localhost:8080/InteraccionSonriaCore/shiro-cas > > roles.loginUrl = > > > > http://192.168.88.103:8080/cas-server-webapp/login?service=http://192.168.88.103:8080/InteraccionSonriaCore/shiro-cas > > [users] > administrador=administrador,ADMINISTRADOR > gerente = gerente,GERENTE > profesional = profesional,PROFESIONAL > paciente = paciente,PACIENTE > > [urls] > / = authc > /publico/login.jsf=cauthc > /logout = logout > /plantillas/* = cauthc > /shiro-cas = casFilter > /protected/** = roles[ROLE_USER] > > Any ideas on what might I be doing wrong and telling my app there is a > CAS error instead of posting go samlValidate URL? Thanks. > > -- > Eduardo J. Ortega > Tel: 57+1+2553580 > Cel: 57+317+4415156 > Zürich > CL 72 5 83 Piso 11, Bogotá, CO. > > On 16/01/14 11:18, jleleu wrote: > > Hi, > > I'm talking about the CAS SLO: when calling /cas/logout, it should > trigger > the destruction of the web session of your Shiro application. > To use SAML, you need to configure SAML on the Shiro application side > > by > > using the *setValidationProtocol* method of the *CasRealm* object > (casRealm.validationProtocol = SAML). > Unless you use CAS 4.0-RCx, the SAML validation endpoint is available > out-of-the-box in the CAS server > (https://wiki.jasig.org/display/CASUM/SAML+1.1). > Best regards, > Jérôme > > > > 2014/1/16 Eduardo J. Ortega U [via Shiro User] < > [hidden email] <http://user/SendEmail.jtp?type=node&node=7579521&i=0> > <http://user/SendEmail.jtp?type=node&node=7579521&i=0>> > > > Hi, Jérôme: > > Thanks for you reply. A couple of questions, though: > > - When you say sign out should work, you mean I should call > > /logout > > from my app and it should log me out of CAS, or I should go to > cas/logout > and that should log me out of my application? > - How do I go about using the SAML validation? Is this something I > should setup in shiro? On CAS? Both? Can you point me to any docs > > / > > examples? > > Thanks, > > -- > Eduardo J. Ortega > Tel: 57+1+2553580 > Cel: 57+317+4415156 > Zürich > CL 72 5 83 Piso 11, Bogotá, CO. > > On 16/01/14 04:18, jleleu wrote: > > Hi, > > Regarding logout, I can't remember exactly if I did the test or > > someone > > else, but I think it works. Did you try some debugging in the > SingleSignOutFilter? > > To get user's attributes, things are a little more complex: > - you need to retrieve the user's attributes inside the CAS server > (should > be what you did) > - define that you want to push these attributes for the CAS service > representing the Shiro application (*allowedAttributes* or > *ignore*parameter for this CAS service) > - use the SAML validation > And then, the user's attributes will be available as the second > principal: > > > https://github.com/apache/shiro/blob/1.2.x/support/cas/src/main/java/org/apache/shiro/cas/CasRealm.java#L162 > > . > > Best regards, > Jérôme > > > > > 2014/1/15 Eduardo J. Ortega U [via Shiro User] <[hidden > email]<http://user/SendEmail.jtp?type=node&node=7579517&i=0> > <http://user/SendEmail.jtp?type=node&node=7579517&i=0>> > > > Hi, all: > > We are setting up out first Shiro enabled application with CAS > authentication. Authentication seems to work fine, however, we have > > two > > issues: > > - We want to have Single Sign out, so that when a user signs out > > of > > CAS, he/she is signed out of CAS and therefore all apps. > Currently, if I > logout of the application (using Shiro's logout feature), and > then try to > access one of the protected pages, browser gets redirected to > CAS, which in > turn validates and redirects to http://myhost/myapp/shiro-cas > and then > /shiro-cas redirects it to the requested URL of the application, > > so > > effectively the user is logged back in the application. Also, if > the user > logs out of CAS (visiting http://myhost/CAS/logout) its CAS > > session > > ends but the application session remains, so he / she can still > access the > protected areas. I set up the following on myapp web.xml: > > > <filter> > <filter-name>CAS Single Sign Out Filter</filter-name> > > > > > <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> > > > </filter> > > <filter-mapping> > <filter-name>CAS Single Sign Out Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > > <listener> > > > > > <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> > > > </listener> > > But it is not working. What am I missing? > > - We want to access some of the user attributes from inside our > application. I set up CAS properties to map the attributes, > setting this on > CAS deployerConfigContext.xml > > <bean id="attributeRepository" > > > class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> > > <property name="contextSource" ref="contextSource" /> > <property name="baseDN" > value="ou=People,dc=example,dc=com,dc=co" > /> > <property name="requireAllQueryAttributes" value="true" /> > <property name="queryAttributeMapping"> > <map> > <entry key="username" value="uid" /> > </map> > </property> > <property name="resultAttributeMapping"> > <map> > <!-- Mapping beetween LDAP entry attributes (key) and > Principal's (value) --> > <entry value="Name" key="displayName" /> > <entry key="distinguishedName" value="dn" /> > </map> > </property> > </bean> > And then access them from inside the Shiro application like this: > > AttributePrincipal principal = > (AttributePrincipal)request.getUserPrincipal(); > Map attributes = principal.getAttributes(); > > But we get an error saying we cannot cast Request to > AttributePrincipal. I > guess I am missing something here, too. > > Any help is greatly appreciated. > > > -- > -- > Eduardo J. Ortega > Tel: 57+1+2553580 > Cel: 57+317+4415156 > Zürich > CL 72 5 83 Piso 11, Bogotá, CO. > > > > ------------------------------ > If you reply to this email, your message will be added to the > discussion > below: > > > > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510.html > > To start a new topic under Shiro User, email[hidden > email]<http://user/SendEmail.jtp?type=node&node=7579517&i=1> > <http://user/SendEmail.jtp?type=node&node=7579517&i=1> > To unsubscribe from Shiro User, click here< > . > NAML< > > > http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.Bas > > icNamespa > > > > ce-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > > > < > > > http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.n > amespaces > .BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml > > <http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>> > > > > -- > View this message in context: > > > > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579514.html > > Sent from the Shiro User mailing list archive at Nabble.com. > > > > > ------------------------------ > If you reply to this email, your message will be added to the > discussion > below: > > > > > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579517.html > > To start a new topic under Shiro User, email > [hidden email] <http://user/SendEmail.jtp?type=node&node=7579521&i=1> > <http://user/SendEmail.jtp?type=node&node=7579521&i=1> > To unsubscribe from Shiro User, click > here< > . > NAML< > > > http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.n > amespaces > .BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml > > <http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>> > > > > > -- > View this message in context: > > > > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579518.html > > Sent from the Shiro User mailing list archive at Nabble.com. > > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579521.html > To start a new topic under Shiro User, email[hidden email] > <http://user/SendEmail.jtp?type=node&node=7579529&i=2> > To unsubscribe from Shiro User, click here< > . > NAML<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.Bas > icNamespa > ce-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > > <http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579525.html > Sent from the Shiro User mailing list archive at Nabble.com. > > > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > > http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579529.html > To start a new topic under Shiro User, email > [email protected] > To unsubscribe from Shiro User, click > here<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=582556&code=bGVsZXVqQGdtYWlsLmNvbXw1ODI1NTZ8LTExNzY2MzcxMTY=> > . > NAML<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > -- View this message in context: http://shiro-user.582556.n2.nabble.com/CAS-Single-Sign-Out-and-LDAP-attribute-retrieval-tp7579510p7579532.html Sent from the Shiro User mailing list archive at Nabble.com.
