Thanks a lot! This got me heading in the right direction. If you aren't using LDAP you need to add the attribute repository to the UsernamePasswordCredentialsToPrincipalResolver bean. Otherwise it just creates an empty stub by default.
I suppose this makes sense but it does nothing to quell my anger toward spring XML right now. Thanks again, David On Wed, Apr 18, 2012 at 5:46 PM, Dennis Roberts < [email protected]> wrote: > I don't know if it will help, but I have a blog post that provides details > about what I did: > http://dennisroberts.wordpress.com/2012/02/26/obtaining-cas-attributes-using-the-cas-2-0-protocol/ > . > > Let me know if that doesn't help. > > Thanks, > Dennis > > > On Apr 18, 2012, at 5:25 PM, David Challoner wrote: > > Thanks for the quick reply. > > I'm replaced my service configuration with yours and I'm still running > into the same problem. (I have tried both this and logging into the > service interface and manually selecting the attributes) > > If it helps I'm getting the "ImmutableAuthentication" object using the > "SimplePrinciple" implementation with the correct ID but just an empty map > of attributes. Maybe it should be getting the attributePrinciple somehow? > > My java debug fu is weak. > > > David > > On Wed, Apr 18, 2012 at 5:01 PM, Dennis Roberts < > [email protected]> wrote: > >> My first guess would be that attributes haven't been approved for the >> service. For a production deployment, the best bet is to the server's >> administrative webapp and release attributes to the services that should >> get them. If you're using a test CAS server then you can modify the >> serviceRegistryDao bean in deployerConfigContext.xml so that it looks like >> this: >> >> <bean id="serviceRegistryDao" >> class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> >> <property name="registeredServices"> >> <list> >> <bean class="org.jasig.cas.services.RegisteredServiceImpl"> >> <property name="id" value="0" /> >> <property name="name" value="HTTP" /> >> <property name="description" value="Only Allows HTTP Urls" >> /> >> <property name="serviceId" value="http://**"; /> >> <property name="evaluationOrder" value="10000001" /> >> + <property name="ignoreAttributes" value="true" /> >> </bean> >> >> <bean class="org.jasig.cas.services.RegisteredServiceImpl"> >> <property name="id" value="1" /> >> <property name="name" value="HTTPS" /> >> <property name="description" value="Only Allows HTTPS Urls" >> /> >> <property name="serviceId" value="https://**"; /> >> <property name="evaluationOrder" value="10000002" /> >> + <property name="ignoreAttributes" value="true" /> >> </bean> >> >> <bean class="org.jasig.cas.services.RegisteredServiceImpl"> >> <property name="id" value="2" /> >> <property name="name" value="IMAPS" /> >> <property name="description" value="Only Allows HTTPS Urls" >> /> >> <property name="serviceId" value="imaps://**" /> >> <property name="evaluationOrder" value="10000003" /> >> </bean> >> >> <bean class="org.jasig.cas.services.RegisteredServiceImpl"> >> <property name="id" value="3" /> >> <property name="name" value="IMAP" /> >> <property name="description" value="Only Allows IMAP Urls" >> /> >> <property name="serviceId" value="imap://**" /> >> <property name="evaluationOrder" value="10000004" /> >> </bean> >> </list> >> </property> >> </bean> >> >> Thanks, >> Dennis >> >> On Apr 18, 2012, at 3:44 PM, David Challoner wrote: >> >> I'm trying to get CAS setup to authenticate from a database and serve up >> some user attributes. >> >> Steps taken so far: >> >> *downloaded cas-server-3.4.11 >> *modified deployerConfig.xml >> *added JDBC query auth handler >> *added a list of "allowedAttributes"(using the Stub attribtues) to the >> RegisteredServiceImpl bean >> *modified cas.properties to include URL/hostname of test VM. >> *modified the CAS20 success JSP to display attributes as noted here(also >> the LDAP example): >> http://bowerstudios.com/node/645 >> >> *Generated self signed cert and keystore >> *launched with Jetty. >> >> Most of this seems to work. I can authenticate with my database >> credentials. I can edit the services and verify the stub attributes are >> set to be released. But the success service validation JSP just isn't >> getting any attributes passed to it. >> This is the success data added to the model from the debugger: >> >> [null, null, null, null, null, null, null, null, null, null, null, null, >> assertion=[principals={[[[email protected], >> attributes={authenticationMethod=org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler}]]} >> for service=http://test], null, null, null] >> >> >> Any ideas? It's so close to working but this last bit is killing me. >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
