Hi all,
I'm attempting to use a LdapPersonAttributeDao to populate the principal
attributes as documented here:
http://www.ja-sig.org/wiki/display/CASUM/Attributes
using an AD server for the contextSource. This is the same contextSource
wired into the BindLdapAuthenticationHandler. I'm able to
Okay, I think I know where I'm going wrong, the wiki page had me a bit
confused. I'm not sure where to go right though. When I move the
attributeRepository into the CTPR, it gets very unhappy.
Cannot convert value of type
[org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] to
You have to attach it to a CtPR not as a replacement too :-)
On Thu, Apr 15, 2010 at 11:03 AM, Patrick Berry pbe...@gmail.com wrote:
Okay, I think I know where I'm going wrong, the wiki page had me a bit
confused. I'm not sure where to go right though. When I move the
attributeRepository
Thanks, Marvin, for this suggestion. That does indeed seem to resolve the
PartialResultsException from bombing out the lookup, however, I'm not
getting the attributes mapped in the resultAttributeMapping. Here is the
revised snippets from deployerConfigContext.xml
bean id=attributeRepository
I'm not
getting the attributes mapped in the resultAttributeMapping.
I see you're searching at the directory root, which in AD generally
contains _many_ referrals. This is a complicated situation for which
most LDAP components do not have an optimal solution. The core
problem is that there is
Please forgive my denseness on this, but by attach do you mean as a ref,
like so? My Spring wiring/configuration knowledge is close to nil.
property name=credentialsToPrincipalResolvers
list
*ref bean=attributeRepository*
bean
Each ctpr has a property that takes an attributerepository.
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: Patrick Berry pbe...@gmail.com
Date: Thu, 15 Apr 2010 09:48:03
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] Attribute release in 3.4.2
Please forgive
Each ctpr has a property that takes an attributerepository.
e.g.
property name=credentialsToPrincipalResolvers
list
bean
class=org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver
property name=attributeRepository
Thanks that was too much to type from the phone ;-)
Sent from my Verizon Wireless BlackBerry
-Original Message-
From: Marvin Addison marvin.addi...@gmail.com
Date: Thu, 15 Apr 2010 12:54:21
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] Attribute release in 3.4.2
Each ctpr has
You should use the Saml11TicketValidator to get attributes. I know
the CAS protocol has been hacked with (at least partial) support for
attributes, but we use SAML exclusively at VT to get attributes, and
it works well.
On Thu, Apr 15, 2010 at 10:17 AM, Marvin Addison
marvin.addi...@gmail.comwrote:
You should use the Saml11TicketValidator to get attributes. I know
the CAS protocol has been hacked with (at least partial) support for
attributes, but we use SAML exclusively at VT to get attributes, and
it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Has anyone worked with CAS 3.4.2 and LDAP Password Policy Enforcement
(http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement)
yet?
I am wondering if the module for 3.3.5 worked, or if much customization
was required.
Thanks,
I'm looking to setup (and learn about) SAML and CAS.
Good resources:
http://www.ja-sig.org/wiki/display/CASUM/SAML+1.1
http://www.ja-sig.org/wiki/display/CASUM/Attributes
http://www.ja-sig.org/wiki/display/CASC/JASIG+Client+SAML+Saml11TicketValidationFilter+Example
Presumably you want SAML so
I would like to invite any JAAS experts or users with JAAS use cases,
particularly JEE use cases, to review the implementation attached to
http://www.ja-sig.org/issues/browse/CASC-108. I think it's solid, but
there may be considerations for other environments/containers that we
are unaware of.
So, would if be fair to state something like this:
When you configure Attribute Release as documented in the Services
Management section of the CAS User Manual you will not see these attributes
in the default CAS 1.0 or 2.0 response, only in the SAML validation
response.
That is a correct
On Thu, Apr 15, 2010 at 1:18 PM, Marvin Addison marvin.addi...@gmail.comwrote:
So, would if be fair to state something like this:
When you configure Attribute Release as documented in the Services
Management section of the CAS User Manual you will not see these
attributes
in the
Marvin Addison wrote:
I'm not
getting the attributes mapped in the resultAttributeMapping.
I see you're searching at the directory root, which in AD generally
contains _many_ referrals. This is a complicated situation for which
most LDAP components do not have an optimal solution. The
I'm not a JAAS expert but I'll take a look at it over the weekend. I know
Joe from Yale was doing some work with this type of stuff so if he's on this
list maybe he can take a quick look.
Cheers,
Scott
On Thu, Apr 15, 2010 at 3:34 PM, Marvin Addison marvin.addi...@gmail.comwrote:
I would
18 matches
Mail list logo