Andrea,
It is possible that property names have changed across versions.
To get a file with all cas properties:
./gradlew exportConfigMetadata
Then search that file for your property. eg:
You have:
cas.authn.attributeRepository.defaultAttributesToRelease
In version 6.5 it is:
cas.authn.attribute-repository.core.default-attributes-to-release
(camelCase and kebab-case work the same.)
To see what gradlew can do:
./gradlew tasks
Also, you can jump to your target version; no reason to crawl through
intermediate versions.
Ray
On Fri, 2023-06-09 at 17:45 +0200, Andrea Del Bene wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and sensitive information.
Hi everyone,
I'm working on my Apereo CAS installation to upgrade it from 6.0.x to the last
6.6.x. My installation has a number of services which must be accessed on a
role-based policy basis and the are configured like this:
"accessStrategy" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"requiredAttributes" : {
"@class" : "java.util.HashMap",
"user_type" : [ "java.util.HashSet", [ "o", "a", "u", "c" ] ]
}
},
"properties" : {
"@class" : "java.util.HashMap",
"jwtAsServiceTicket" : {
"@class" : "org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values" : [ "java.util.HashSet", [ "true" ] ]
}
}
Attributes are read from db and my CAS properties file contains the following
configuration to access db:
cas.authn.attributeRepository.expirationTime=5
cas.authn.attributeRepository.expirationTimeUnit=SECONDS
cas.authn.attributeRepository.maximumCacheSize=1000
cas.authn.attributeRepository.merger=REPLACE
cas.authn.attributeRepository.jdbc[0].singleRow=true
cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM dnshst.users WHERE {0}
cas.authn.attributeRepository.jdbc[0].username=user
cas.authn.attributeRepository.jdbc[0].url=${CORE_DB_URL}
cas.authn.attributeRepository.jdbc[0].user=${CORE_DB_USER}
cas.authn.attributeRepository.jdbc[0].password=${CORE_DB_PASSWORD}
cas.authn.attributeRepository.jdbc[0].driverClass=org.mariadb.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].autocommit=true
cas.authn.attributeRepository.jdbc[0].attributes.name=name
cas.authn.attributeRepository.jdbc[0].attributes.surname=surname
cas.authn.attributeRepository.jdbc[0].attributes.iduser=iduser
cas.authn.attributeRepository.jdbc[0].attributes.user_type=user_type
cas.authn.attributeRepository.jdbc[0].attributes.enabled=enabled
cas.authn.attributeRepository.jdbc[0].attributes.ishack=ishack
cas.authn.attributeRepository.jdbc[0].attributes.email_user=email_user
cas.authn.attributeRepository.jdbc[0].attributes.mfa_enabled=mfa_enabled
cas.authn.attributeRepository.defaultAttributesToRelease=name, surname, iduser,
user_type, enabled, ishack, email_user, mfa_enabled, surrogateEnabled,
surrogatePrincipal, surrogateUser
During my migration process I was able to reach version 6.2.x without any
problem, but using 6.3.0 CAS it stopped loading attributes from db. Checking
logs I noted that during authentication now I completely miss any log from
QueryDatabaseAuthenticationHandler. Doing further investigations I tried to run
my CAS installation starting with 6.3.0-RC1. Everything worked fine until I
tried 6.3.0-RC3 which led to the problem described above.
Is any of you aware of any change between 6.3.0-RC2 and 6.3.0-RC3 that could
have caused this behavior?
Thank you in advance.
Andrea Del Bene.
PS: these are my application dependencies
implementation "org.apereo.cas:cas-server-core-api-configuration-model"
implementation "org.apereo.cas:cas-server-webapp-init"
implementation "org.apereo.cas:cas-server-webapp${project.appServer}"
implementation "org.apereo.cas:cas-server-core-tickets-api"
implementation "org.apereo.cas:cas-server-support-jdbc-authentication"
implementation "org.apereo.cas:cas-server-support-token-tickets"
implementation "org.apereo.cas:cas-server-support-jpa-ticket-registry"
implementation "org.apereo.cas:cas-server-support-pm-jdbc"
implementation "org.apereo.cas:cas-server-support-jpa-service-registry"
implementation "org.apereo.cas:cas-server-support-rest"
implementation "org.apereo.cas:cas-server-support-rest-tokens"
implementation "org.apereo.cas:cas-server-support-throttle-bucket4j"
implementation "org.apereo.cas:cas-server-core-util"
implementation "org.apereo.cas:cas-server-core-util-api"
implementation "org.apereo.cas:cas-server-core-web"
implementation "org.apereo.cas:cas-server-core-web-api"
//implementation "org.apereo.cas:cas-server-support-captcha"
implementation "org.apereo.cas:cas-server-core-webflow"
implementation "org.apereo.cas:cas-server-core-webflow-api"
implementation "org.apereo.cas:cas-server-support-pac4j-webflow"
compileOnly "org.projectlombok:lombok:$lombokVersion"
annotationProcessor "org.projectlombok:lombok:$lombokVersion"
implementation group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.6.5'
implementation "org.apereo.cas:cas-server-support-surrogate-webflow"
implementation
"org.apereo.cas:cas-server-support-surrogate-authentication-jdbc"
//implementation "org.apereo.cas:cas-server-support-x509-webflow"
implementation "org.apereo.cas:cas-server-core-authentication-api"
implementation "org.apereo.cas:cas-server-support-surrogate-authentication"
implementation "org.apereo.cas:cas-server-support-surrogate-api"
implementation "org.apereo.cas:cas-server-core-services-api"
implementation "org.apereo.cas:cas-server-support-gauth-jpa"
implementation "org.apereo.cas:cas-server-support-otp-mfa-core"
//implementation "org.apereo.cas:cas-server-support-simple-mfa"
implementation "org.apereo.cas:cas-server-support-gauth"
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/d2baec4a1e3a05fc3e718a600e54c72e5f442ac2.camel%40uvic.ca.
