[cas-user] requiredHandlers not work?

artur miś Wed, 01 Dec 2021 09:18:14 -0800

I've got serivce like this:
test-1.json

{
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "^(http|https|imaps)://exampleorg/casphp",
"name": "test",
"id": 1,
"evaluationOrder": 1,
"requiredHandlers" : [ "java.util.HashSet", [ "everest" ] ]
}



and in cas.propierties i have  3 handlers with AD Ldap:

cas.authn.ldap[0].name=everest
cas.authn.ldap[0].type=AUTHENTICATED
cas.authn.ldap[0].ldapUrl=ldaps://****
cas.authn.ldap[0].baseDn=****
cas.authn.ldap[0].bindDn=ldap
cas.authn.ldap[0].bindCredential=****
cas.authn.ldap[0].searchFilter=******
cas.authn.ldap[0].principalAttributeId=sAMAccountName
cas.authn.ldap[0].connectTimeout=3000
cas.authn.ldap[0].principalAttributeList=displayName,cn,givenName,mail:genmail,synchNr

..
cas.authn.ldap[2].name=sth 

cas.authn.ldap[1].name=ppm 


But  Cas athenticated user via ppm not via  everest . Is it way to force  
auth users to service exampleorg/casphp only via everest.


I have made some auth test  using  API Cas and i see  that cas return user 
profile  using everest handler.



#!/bin/bash
ff=`curl -k -X POST -H 'Content-Type: Application/x-www-form-urlencoded' -H 
'Accept: applications/json' https://example.org/casphp/v1/tickets -d 
'username=nobody&password=pass'`
dd=`curl -X POST -H \"Content-Type: Application/x-www-form-urlencoded\" -H 
\"Accept: application/json\" 
https://example.org/casphp/v1/tickets/"$ff"?service=https://example.org/casphp";
st=`$dd`
vv="curl  -k  
https://example.org/casphp/p3/serviceValidate?service=https://example.org/casphp&ticket="$st
echo "|$vv|"

result:
|<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>nobody</cas:user>
        <cas:attributes>
            
<cas:credentialType>UsernamePasswordCredential</cas:credentialType>
            <cas:isFromNewLogin>true</cas:isFromNewLogin>
            
<cas:authenticationDate>2021-12-01T17:12:03.233902Z</cas:authenticationDate>
            <cas:authenticationMethod>ppm</cas:authenticationMethod>
            
<cas:successfulAuthenticationHandlers>ppm</cas:successfulAuthenticationHandlers>
            
<cas:longTermAuthenticationRequestTokenUsed>false</cas:longTermAuthenticationRequestTokenUsed>
            </cas:attributes>
    </cas:authenticationSuccess>
</cas:serviceResponse>|


Thanks



-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/35b15f48-320c-4673-864f-f125fed64ac1n%40apereo.org.

[cas-user] requiredHandlers not work?

Reply via email to