On 24/02/11 21:50, Marvin Addison wrote:
Giannis, I apologize this took so long, but I've finally added some additional server-side logging that I hope will help. See https://issues.jasig.org/browse/CAS-954. Please grab source from https://source.jasig.org/cas3/branches/cas-3_4_x_maintenance/cas-server-3.4.2/, build/deploy, and see if it confirms whether or not the principal contains the expected attributes. I need to know whether CAS is getting the attributes from the IPersonAttributeDao properly. The additional logging should provide a definitive answer one way or the other.M
Hi Marvin, Here is the log from this release. thanx Giannis
> 2011-02-25 14:17:56,700 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler successfully authenticated the user which provided the following credentials: [username: [email protected]]> 2011-02-25 14:17:56,700 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Attempting to resolve a principal...> 2011-02-25 14:17:56,700 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...> 2011-02-25 14:17:56,700 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [[email protected]]> 2011-02-25 14:17:56,963 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved [email protected]. Trying LDAP resolve now...> 2011-02-25 14:17:56,963 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <LDAP search with filter "(|([email protected])([email protected]))"> 2011-02-25 14:17:56,963 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <returning searchcontrols: scope=2; search base=dc=example,dc=com; attributes=[eduPersonPrincipalName]; timeout=1000> 2011-02-25 14:17:57,236 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved [email protected] to [email protected]> 2011-02-25 14:17:57,236 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Creating SimplePrincipal for [[email protected]]> 2011-02-25 14:17:57,501 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal [email protected]> 2011-02-25 14:17:57,501 DEBUG [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Attribute map for [email protected]: {uid=user, [email protected], [email protected], Telephone=2810123456, cn=Giannis Kapetanakis}> 2011-02-25 14:17:57,501 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [username: [email protected]] WHAT: supplied credentials: [username: [email protected]] ACTION: AUTHENTICATION_SUCCESS APPLICATION: CAS WHEN: Fri Feb 25 14:17:57 EET 2011 CLIENT IP ADDRESS: 192.168.1.10 SERVER IP ADDRESS: idp.example.com ============================================================= > 2011-02-25 14:17:57,501 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [username: [email protected]] WHAT: TGT-4-SqJZafXHfgWgUBjXBaDuXeJrD7aYMDVnTXNfMIyF7ZfVuxkbnG-cas ACTION: TICKET_GRANTING_TICKET_CREATED APPLICATION: CAS WHEN: Fri Feb 25 14:17:57 EET 2011 CLIENT IP ADDRESS: 192.168.1.10 SERVER IP ADDRESS: idp.example.com ============================================================= > 2011-02-25 14:17:57,503 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-3-olxka0jPofgOKMjeHIWf-cas] for service [https://www.example.com/cas/] for user [[email protected]]> 2011-02-25 14:17:57,503 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: [email protected] WHAT: ST-3-olxka0jPofgOKMjeHIWf-cas for https://www.example.com/cas/ ACTION: SERVICE_TICKET_CREATED APPLICATION: CAS WHEN: Fri Feb 25 14:17:57 EET 2011 CLIENT IP ADDRESS: 192.168.1.10 SERVER IP ADDRESS: idp.example.com ============================================================= > 2011-02-25 14:17:57,613 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Attempted to extract Request from HttpServletRequest. Results:> 2011-02-25 14:17:57,613 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Request Body: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";><SOAP-ENV:Header/><SOAP-ENV:Body><samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z"><samlp:AssertionArtifact>ST-3-olxka0jPofgOKMjeHIWf-cas</samlp:AssertionArtifact></samlp:Request></SOAP-ENV:Body></SOAP-ENV:Envelope>> 2011-02-25 14:17:57,613 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Extracted ArtifactId: ST-3-olxka0jPofgOKMjeHIWf-cas> 2011-02-25 14:17:57,613 DEBUG [org.jasig.cas.authentication.principal.SamlService] - <Extracted Request Id: _192.168.16.51.1024506224022> 2011-02-25 14:17:57,614 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: audit:unknown WHAT: ST-3-olxka0jPofgOKMjeHIWf-cas ACTION: SERVICE_TICKET_VALIDATED APPLICATION: CAS WHEN: Fri Feb 25 14:17:57 EET 2011 CLIENT IP ADDRESS: 192.168.100.11 SERVER IP ADDRESS: idp.example.com ============================================================= >
smime.p7s
Description: S/MIME Cryptographic Signature
