Mike, If you are using the 3.X CAS Server line than the CAS 2.0 protocol does not release attributes (without a modification) you'll want to change to the Saml 1.1 protocol which does.
Thanks, John --- *John Gasper* IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef On 1/8/15 1:33 PM, Waldbieser, Carl wrote: > Mike, > > Are you using a service registry? If so, you probably need to enable the > attributes for the service. deployerConfigContext.xml is the global list of > available attributes, but that is further filtered by what each individual > service allows. > > Thanks, > Carl > > ----- Original Message ----- > From: "Mike Seiler" <michaelsei...@fuller.edu> > To: cas-user@lists.jasig.org > Sent: Thursday, January 8, 2015 3:57:54 PM > Subject: Re: [cas-user] Extra Attributes from Active Directory > > Carl, > > Thanks for your response. I'm seeing in the log that it is trying to > access the readExtraAttributesCas20() method, but not retrieving anything: > 1D89 .| | | | | <cas:serviceResponse xmlns:cas=' > http://www.yale.edu/tp/cas'> > 1D89 .| | | | | <cas:authenticationSuccess> > 1D89 .| | | | | <cas:user>michaelseiler</cas:user> > 1D89 .| | | | | > 1D89 .| | | | | > 1D89 .| | | | | </cas:authenticationSuccess> > 1D89 .| | | | | </cas:serviceResponse> > 1D89 .| | | | | [CurlRequest.php:82] > 1D89 .| | | | <= true > 1D89 .| | | <= true > 1D89 .| | | => CAS_Client::_readExtraAttributesCas20(DOMNodeList) > [Client.php:2813] > 1D89 .| | | | Testing for rubycas style attributes > [Client.php:2923] > > > I've updated the casServiceValidationSuccess.jsp to include the additional > user attributes, but it doesn't appear to be retrieving and sending them. > I've also modified deployerConfigContext.xml to use the > LdapPersonAttributeDao in the "attributeRepository." > > What else do I need to do to enable them at the server? > > Thanks for your help. > > Mike > > On Thu, Jan 8, 2015 at 12:10 PM, Waldbieser, Carl <waldb...@lafayette.edu> > wrote: > >> Mike, >> >> Try turning on debug output in the client with something like >> `phpCAS::setDebug($debug_file);`. >> Then you can see if the attributes are being returned. If not, you may >> need to enable them at the server. >> >> Thanks, >> Carl Waldbieser >> ITS Systems Programmer >> Lafayette College >> >> ----- Original Message ----- >> From: "Mike Seiler" <michaelsei...@fuller.edu> >> To: cas-user@lists.jasig.org >> Sent: Thursday, January 8, 2015 2:23:08 PM >> Subject: [cas-user] Extra Attributes from Active Directory >> >> I'm currently attempting to extract additional attributes using the >> information found here: >> >> https://wiki.jasig.org/display/casum/attributes#Attributes-AccessingattributesusingtheCASclientforjava >> >> And then trying to pull the data with phpCAS::getAttribute() in my web >> application. >> >> None of my efforts to extract attributes via their keys seems to be >> working, and I'm hoping someone has some history with this. >> >> I'm using the Unicon CAS Overlay to build my app, and am using Active >> Directory. I'm successfully authenticating, but pulling additional >> attributes is still failing for me. >> >> -- >> *Michael Seiler* >> -------------------------------------------------- >> Systems Integration Engineer >> Fuller Theological Seminary >> Phone: (970) 306-6105 >> michaelsei...@fuller.edu >> >> *Please NOTE:* >> I respond to email at 8 AM, 1PM, and at 4:30PM. If you need more immediate >> help, please contact TSS (626.584.5675) and they can route the issue to >> the >> appropriate person. If this is a business process life or death emergency, >> you may call me at the above number. >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> waldb...@lafayette.edu >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> michaelsei...@fuller.edu >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
