Hi,
I'm working on integration with Azure AD too. I was able to connect wia
OpenID. To map attribute You need to define default attribute. Example
below:
cas.authn.attributeRepository.merger=REPLACE
cas.authn.releaseProtocolAttributes=true
cas.authn.attributeRepository.defaultAttributesToRelease=email,given_name,family_name,name
After that Attribute mapping start working for me.
Can You share configuration how integration with Saml Ip working for You ?
With oAuth 2.0 and OpenID I had problem with Azure AD. Redirect_url
parameter does not redirect with get parameters, and I had to override
default Pac4j configuration.
Thanks,
Lukas
pt., 5 paź 2018 o 23:15 Raghavan TV napisał(a):
> Hi All
>
> We were able to successfully integrate CAS 5.2.6 using delegated
> authentication agianst Azure AD (SAML Idp)
>
> We are now looking to map the SAML (claims) attributes to more meaningful
> names
>
> Azure SAML Response
>
> Destination="
> https://somedomain.cloudapp.azure.com:8443/cas/login?client_name=MY_SAML;
> ID="_6a00b756-53f4-4702-b329-7a6af0145fa0"
> InResponseTo="_d5nkosrzkcj29rlldngsuozq3uwtb5znanfm616"
> IssueInstant="2018-10-04T13:22:05.275Z" Version="2.0"
> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
>
> https://sts.windows.net/522b3803-a001-4675-b3b5-1d727d43585a/
> Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
> IssueInstant="2018-10-04T13:22:05.275Z"
> Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
>
> https://sts.windows.net/522b3803-a001-4675-b3b5-1d727d43585a/
> http://www.w3.org/2000/09/xmldsig#;>
> http://www.w3.org/2001/10/xml-exc-c14n#"/>http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
>
> http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
>
> BkenglDOQwAFlKJ3hLrZ4vUzAg9gOD9EFUjGKH9hsI4=
>
>
>
> HAKazQ1ApJ5w0NtxJs5E/qECDRz8C5xYjHtGDJtuuuULrM07HUjkoenQ4L34UhSO4qm6Jgo0roIP1bQAGDlq0DWmPu7P9nyPSaQbKiBMtDAO759rM/g0neTWWfYYuNfDFauA+CBuu1N2W15h/oYU85z2D//W8RJQDMB7JvkycPgKF9BY0RON+Rlo2qOFsZ8Z6TxNJgyDxPCQG5natKgVoAZ57lC4+giarBQJQgCFGjy5uckKx4tq2qDuSGnyxqpxqSSm0WNhRR4AqY+kMtNLvEv0aimLX5ezzeOTy7yGmnWNf+l8+FAai2US19Fu/G9xeMH9c3MjZ69MujIkFGqc3A==
>
>
>
> MIIDBTCCAe2gAwIBAgIQWOnQG5bZiIFAbuSzrxjvbDANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDEyJhY2NvdW50cy5hY2Nlc3Njb250cm9sLndpbmRvd3MubmV0MB4XDTE4MDgwMTAwMDAwMFoXDTIwMDgwMTAwMDAwMFowLTErMCkGA1UEAxMiYWNjb3VudHMuYWNjZXNzY29udHJvbC53aW5kb3dzLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALM5fWyNaHwYqnCfxVBEqhfDHKWnNhqmVHH9McYM+bsRs9xl7DkuwsbvD6vOb4rANtVOuly+Eiv/fYhhwn8UFE4kzTRXWREIH+uoFCUDyItwtT8vNn253XzXuFiIeHEkSoHM4vckdP+G7lPEQRZtQjV2TTB/76eBrtnLdP/AAgp4KE4/kjSuKEvn4lwiKtQWYPmCBPh18erwmIFwBramK5CzNKT31ycTYpi3LZpjbIljzW7gzvX9P6/U+dmTmpOufKzJbAnnXKveMcRUZl7wXWxQpyKGAZ0q+8FKIcVbrO0mlbyPuQGynAOofsnhqPQVeO4lbsEgcmL9QXWdxdn6kYsCAwEAAaMhMB8wHQYDVR0OBBYEFMXZ+lF0trQrd4uWs+lQ7h0mls63MA0GCSqGSIb3DQEBCwUAA4IBAQAA/TRp5Cx6WWA04dCvoJNTd80KSO8uGrM2V4VhTlIU1zf8cjMocmBXSA0v+P3onkBHHwnMJs6fWuwcBL4vhqZ4jonPcgl3tUIGgDwywM3V4mC1JLZJXlBZASsAuKmHm6qwge6RVs+Ub1fcpOIViMgW/1Wj1tZm/v/NGHQ+EEJV1UXtE5OnFnzD+9TrfOTI/l855ryKNS6I+XNbtcIJUL87OWkMRgNgjOhBnmldA27sWWkFWfvxB0J7FvOkyWaLlyNe/jqCL3jYXzz0XBNGMbatmeKS3fgIihVUJ32Vt7GXI4ed0HuvhhZ6d+fvMnBPWdfteu018YHKeXyk/c2aegcj
>
>
>
>
> Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">nX16LJA-9igFhluTHQGlDUOK0CNPy_XfliMDJ3iud88
> Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> InResponseTo="_d5nkosrzkcj29rlldngsuozq3uwtb5znanfm616"
> NotOnOrAfter="2018-10-04T13:27:05.275Z"
> Recipient="
> https://somedomain.cloudapp.azure.com:8443/cas/login?client_name=MY_SAML
> "/>
>
> NotOnOrAfter="2018-10-04T14:17:05.275Z">
>
>
> spn:8b4fcc4d-6781-4da0-acc9-0c28a3317695
>
>
>
> http://schemas.microsoft.com/identity/claims/tenantid;>
>
> 522b3803-a001-4675-b3b5-1d727d43585a
>
> http://schemas.microsoft.com/identity/claims/objectidentifier;>
>
> 8fa1e8a3-41b8-440e-91cf-fafa246ab571
>
> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name;>
> xx...@.onmicrosoft.com
>
>
> http://schemas.microsoft.com/identity/claims/displayname;>
> Firstname Lastname
>
> http://schemas.microsoft.com/identity/claims/identityprovider;>
>
> https://sts.windows.net/522b3803-a001-4675-b3b5-1d727d43585a/
>
>
> http://schemas.microsoft.com/claims/authnmethodsreferences;>
>
> http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password
>
>
>