Thanks, but your script doesn't provide must attributes. I see this in the logs:
2015-09-24 22:16:26,188 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Attempting LDAP authentication for guillaume.cher...@hisyl.org+password
2015-09-24 22:16:26,193 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP response: [org.ldaptive.auth.AuthenticationResponse@801674609::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, ldapEntry=[dn=uid=guillaume.cher...@hisyl.org,ou=People,dc=hisyl,dc=org[[uid[guillaume.cher...@hisyl.org]], [mail[guillaume.cher...@hisyl.org]], [sn[Chéramy]], [givenName[Guillaume]]], responseControls=null, messageId=-1], accountState=null, result=true, resultCode=SUCCESS, message=null, controls=null]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [uid[guillaume.cher...@hisyl.org]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [mail[guillaume.cher...@hisyl.org]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [sn[Chéramy]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [givenName[Guillaume]]
2015-09-24 22:16:26,195 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - LdapAuthenticationHandler successfully authenticated guillaume.cher...@hisyl.org+password
2015-09-24 22:16:26,196 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - No resolver configured for LdapAuthenticationHandler. Falling back to handler principal guillaume.cher...@hisyl.org
2015-09-24 22:16:26,198 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Authenticated guillaume.cher...@hisyl.org with credentials [guillaume.cher...@hisyl.org+password].
2015-09-24 22:16:26,199 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - Attribute map for guillaume.cher...@hisyl.org: {uid=guillaume.cher...@hisyl.org, mail=guillaume.cher...@hisyl.org, sn=Chéramy, givenName=Guillaume}

So we can see CAS retrieves attributes:

2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [uid[guillaume.cher...@hisyl.org]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [mail[guillaume.cher...@hisyl.org]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [sn[Chéramy]]
2015-09-24 22:16:26,194 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - Found principal attribute: [givenName[Guillaume]]

But the CAS client can't see these attributes :-(

On 24/09/2015 00:45, Manfredo Hopp wrote:
> Hi, this script was useful to me:
>
> I know there can be changes due to updated version of phpCAS.
>
> Regards Manfredo
>
> <?php
>
> //initialize the CAS library
> require_once('auth/cas/CAS/CAS.php');
> //force the login branch below on every request
> $_REQUEST['login'] = 'uday';
> phpCAS::client(CAS_VERSION_2_0, 'server.name', 8444, '/cas');
>
> phpCAS::setDebug($filename='phpCAS.log');
> phpCAS::traceBegin();
> //validate the CAS server certificate against this CA file
> phpCAS::setCasServerCACert('/xxx/yyy/cert.pem');
> //phpCAS::setNoCasServerValidation();
>
> //if the user is requesting to be logged in
> if (isset($_REQUEST['login'])) {
>     phpCAS::forceAuthentication();
>     //the user is known to be logged in to CAS at this point
>     $_SESSION['loggedInLocally'] = TRUE; //set a local variable telling the program we are logged in
>     $_SESSION['username'] = phpCAS::getUser(); //this stores their network user id
> }
>
> //if we want to log out of the program
> if (isset($_REQUEST['logout'])) {
>     //clear the local state first: phpCAS::logout() redirects and ends the script
>     $_SESSION['loggedInLocally'] = false;
>     unset($_SESSION['username']);
>     phpCAS::logout();
> }
>
> if (isset($_SESSION['loggedInLocally']) && $_SESSION['loggedInLocally']===true) {
>     echo "You are logged in to the application";
> } else {
>     echo "You are not logged in to the application. Log in by specifying the 'login' log parameter to this script.";
> }
>
> phpCAS::traceEnd();
>
> ?>
>
> <html>
> <head>
> <title>phpCAS simple client</title>
> </head>
> <body>
> <h1>Successful Authentication!</h1>
> <?php require 'script_info.php' ?>
> <p>the user's login is <b><?php echo htmlspecialchars(phpCAS::getUser()); ?></b>.</p>
> <p>phpCAS version is <b><?php echo phpCAS::getVersion(); ?></b>.</p>
> <p><a href="?logout=">Logout</a></p>
> </body>
> </html>
>
>
> 2015-09-23 8:24 GMT-03:00 Guillaume Chéramy <guilla...@cheramy.name>:
>
>     Hello,
>
>     I searched and tried lots of configurations and I have no results.
>
>     I want to provide LDAP attributes from CAS. I have defined
>     ldapPersonAttributeDao in deployerConfigContext.xml:
>
>     <bean id="ldapPersonAttributeDao"
>           class="org.jasig.services.persondir.support.ldap.LdaptivePersonAttributeDao"
>           p:connectionFactory-ref="searchPooledLdapConnectionFactory"
>           p:baseDN="${ldap.baseDn}"
>           p:searchControls-ref="searchControls"
>           p:searchFilter="uid={0}">
>         <property name="resultAttributeMapping">
>             <map>
>                 <!--
>                    | Key is LDAP attribute name, value is principal attribute name.
>                    -->
>                 <entry key="uid" value="uid" />
>                 <entry key="mail" value="mail" />
>             </map>
>         </property>
>     </bean>
>
>     <bean id="searchControls"
>           class="javax.naming.directory.SearchControls"
>           p:searchScope="2"
>           p:countLimit="10" />
>
>
>     I have no restriction in my service JSON:
>
>     {
>       "@class" : "org.jasig.cas.services.RegexRegisteredService",
>       "serviceId" : "^https://phptestcas.domaine.com/.*",
>       "name" : "phptestcas",
>       "id" : 10000003,
>       "description" : "Authorization for testing application phptestcas.",
>       "proxyPolicy" : {
>         "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy"
>       },
>       "evaluationOrder" : 0,
>       "usernameAttributeProvider" : {
>         "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider"
>       },
>       "logoutType" : "BACK_CHANNEL",
>       "accessStrategy" : {
>         "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy",
>         "enabled" : true,
>         "ssoEnabled" : true
>       }
>     }
>
>     But when I try with phpCAS to get attributes:
>     <p>uid : <b><?php echo phpCAS::getAttribute('uid'); ?></b>.</p>
>     <p>mail : <b><?php echo phpCAS::getAttribute('mail'); ?></b>.</p>
>
>     I have no results.
>
>     What am I missing?
>
>     Sincerely
>
>     guidtz
>
>     --
>     You are currently subscribed to cas-user@lists.jasig.org as: mhopp.coni...@gmail.com
>     To unsubscribe, change settings or access archives, see
>     http://www.ja-sig.org/wiki/display/JSG/cas-user
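
The following Python example is added here and is not from the thread, CAS or phpCAS: it compares the attribute names in the server's "Attribute map" log line with those carried under `<cas:attributes>` in a ticket validation response, to show on which side the attributes go missing. The sample log line and XML response are constructed, the function names are hypothetical, and the `<cas:attributes>` layout is assumed to be the one the CAS server in question emits.

```python
import re
import xml.etree.ElementTree as ET

CAS_NS = "http://www.yale.edu/tp/cas"  # XML namespace of CAS validation responses

# Constructed sample: an "Attribute map" DEBUG line in the format of the log above.
SAMPLE_LOG = (
    "2015-09-24 22:16:26,199 DEBUG "
    "[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - "
    "Attribute map for user@example.org: "
    "{uid=user@example.org, mail=user@example.org, sn=Example, givenName=Test}"
)

# Constructed sample: a validation response that carries no <cas:attributes> element.
SAMPLE_RESPONSE = """<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
  <cas:authenticationSuccess>
    <cas:user>user@example.org</cas:user>
  </cas:authenticationSuccess>
</cas:serviceResponse>"""

def resolved_attributes(log_text):
    """Attribute names the server resolved, from 'Attribute map for ...: {k=v, ...}' lines."""
    names = set()
    for body in re.findall(r"Attribute map for \S+: \{(.*?)\}", log_text):
        # Only names are extracted; a value containing ", " would be split, but the
        # fragment without "=" is skipped.
        names.update(p.split("=", 1)[0].strip() for p in body.split(", ") if "=" in p)
    return names

def released_attributes(response_xml):
    """Attribute names present under <cas:attributes> in a validation response."""
    # The response is expected to come from your own CAS server over TLS; for XML
    # from untrusted sources use a hardened parser instead of ElementTree.
    root = ET.fromstring(response_xml)
    names = set()
    for attrs in root.iter(f"{{{CAS_NS}}}attributes"):
        names.update(child.tag.split("}", 1)[-1] for child in attrs)
    return names

def missing_at_client(log_text, response_xml):
    """Attributes resolved at authentication time but absent from the validation response."""
    return sorted(resolved_attributes(log_text) - released_attributes(response_xml))

if __name__ == "__main__":
    print("resolved but not released:", missing_at_client(SAMPLE_LOG, SAMPLE_RESPONSE))
```

If the result is empty, the server released everything it resolved and the problem is on the client side; otherwise the listed attributes were dropped between authentication and ticket validation.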