Hi all,
I've been trying to understand how attribute mapping works on cas, but I
am missing something.
So far I found this bean on deployerConfigContext.xml:
<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
p:principalIdAttribute="uid"
c:authenticator-ref="authenticator">
<property name="principalAttributeMap">
<map>
<!--
| This map provides a simple attribute resolution
mechanism.
| Keys are LDAP attribute names, values are CAS
attribute names.
| Use this facility instead of a PrincipalResolver
if LDAP is
| the only attribute source.
-->
<entry key="uid" value="uid" />
<entry key="member" value="member"/>
<entry key="displayName" value="displayName"/>
<entry key="groups" value="groups"/>
<entry key="mail" value="mail"/>
</map>
</property
In which I've added "mail" attribute.
Then, on the same file, I have:
<!--
Bean that defines the attributes that a service may return. This
example uses the Stub/Mock version. A real implementation
may go against a database or LDAP server. The id should remain
"attributeRepository" though.
+-->
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />
<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
<entry>
<key><value>memberOf</value></key>
<list>
<value>faculty</value>
<value>staff</value>
<value>org</value>
</list>
</entry>
</util:map>
And then on cas-services/WEB-INF/managementConfigContext.xml there are
some entries which I don't really understand what they do, when I add a
attribute , it appears on the web interface, but nothing is being passed
to the CAS client:
<!--
Bean that defines the attributes that a service may return. This
example uses the Stub/Mock version. A real implementation
may go against a database or LDAP server. The id should remain
"attributeRepository" though.
-->
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.StubPersonAttributeDao"
p:backingMap-ref="backingMap">
</bean>
<util:map id="backingMap">
<entry key="uid" value="uid"/>
<entry key="eduPersonAffiliation" value="eduPersonAffiliation"/>
<entry key="groupMembership" value="groupMembership"/>
<entry key="mail" value="mail"/>
</util:map>
I've tried to go over the oficial documentations but still is not clear
to me, can anyone give me a hint on this, please?
Thank you!
This is what the cas client gets always:
D, [2016-05-04T12:32:04.730895 #16991] DEBUG -- : CAS server responded
with #<Net::HTTPOK 200 OK readbody=true>:
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>jandres</cas:user>
</cas:authenticationSuccess>
</cas:serviceResponse>
--
Josep Manel Andrés (josep.and...@bsc.es)
Operations - Barcelona Supercomputing Center
C/ Jordi Girona, 31 http://www.bsc.es
08034 Barcelona, Spain Tel: +34-93-405 42 14
e-mail: syst...@bsc.es Fax: +34-93-413 77 21
-----------------------------------------------
WARNING / LEGAL TEXT: This message is intended only for the use of the
individual or entity to which it is addressed and may contain
information which is privileged, confidential, proprietary, or exempt
from disclosure under applicable law. If you are not the intended
recipient or the person responsible for delivering the message to the
intended recipient, you are strictly prohibited from disclosing,
distributing, copying, or in any way using this message. If you have
received this communication in error, please notify the sender and
destroy and delete any copies you may have received.
http://www.bsc.es/disclaimer
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5729D34C.8030401%40bsc.es.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
