Hi, I am trying to setup CAS to return attributes(user permissions) related to an authenticated user. These attributes reside in an oracle database.
I have managed to get some attributes returning correctly however the queries return only the first result. I can see in the logs that I am getting multiple results per that attribute but for some reason it's not passed within the saml request: 2013-11-14 14:16:33,384 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got results [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]> We can see here clearly we get two results from the DB: ROLE_PERMISSIONS_MY_EVENTS ROLE_PERMISSIONS_CREATE_EVENTS However only the first one is returned: 2013-11-14 14:16:33,409 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Retrieved attributes='[NamedPersonImpl[name=ifridman,attributes={PERMISSIONS=[ROLE_PERMISSIONS_MY_EVENTS]}]]' for query='{username=[ifridman]}', isFirstQuery=false, currentlyConsidering='org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttribute ... Also on the client side (spring security) I can see that I get only the first raw result which is: ROLE_PERMISSIONS_MY_EVENTS <saml1:Attribute AttributeName="PERMISSIONS" AttributeNamespace="http://www.ja-sig.org/products/cas/"> <saml1:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">ROLE_PERMISSIONS_MY_EVENTS</saml1:AttributeValue> I expect to get here some list. Is it possible? This is my code to retrieve attributes from deployerConfigContext.xml: <bean class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource"/> <constructor-arg index="1" value="select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}"/> <property name="queryAttributeMapping"> <map> <entry key="username" value="Username"/> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="PERMISSION_NAME" value="PERMISSIONS"/> </map> </property> </bean> thanks. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user