Jasig

SAML Response from CAS server

Classic

List

Threaded

3 messages Options

dsilvia

SAML Response from CAS server

I have followed the example to get SAML resonse from the url https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example. However, I am not able to see any of the attributes being set.

My bean attributeRepository looks like the following:

<bean id="attributeRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="contextSource" ref="contextSource" />

<property name="baseDN" value="${cas.attributeRepository.baseDn}" />

<property name="requireAllQueryAttributes" value="${cas.attributeRepository.requireAllQueryAttributes}" />
<property name="ldapTemplate" ref="ldapTemplate" />

<property name="queryAttributeMapping">
<map>
<entry key="username" value="sAMAccountName"/>

</map>
</property>

<property name="resultAttributeMapping">
<map>

<entry value="displayName" key="displayName" />

</map>
</property>
</bean>

I am assuming that the username is the value being passed in as the login username and is being mapped as the sAMAccoountName where a query will search for that specific sAMAccountName. This should set the resultAttributeMapping in the SAML response.

I have gone into the service management page and registered the example site and set the returning attribute to be displayName. However, when I run the example after being redirected to login via CAS, all I see if the username that is entered in the CAS authentication page.

Is there something I am missing when thinking I should get response that should have the display name in it.

Thanks

dsilvia

Re: SAML Response from CAS server

I am actually saying, is that I am not seeing the LDAP attributes I have set up for the example in the Service management page when running the example.

Thanks

dsilvia

Re: SAML Response from CAS server

Ok, I have looked at the logs again and I see the attributess that I have setup in the attributeRepository bean in the deployerConfigContext file. The file looks like the following:

<bean id="attributeRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="contextSource" ref="contextSource" />

<property name="baseDN" value="${cas.attributeRepository.baseDn}" />

<property name="requireAllQueryAttributes" value="${cas.attributeRepository.requireAllQueryAttributes}" />
<property name="ldapTemplate" ref="ldapTemplate" />

<property name="queryAttributeMapping">
<map>
<entry key="username" value="sAMAccountName"/>

</map>
</property>

<property name="resultAttributeMapping">
<map>

<entry value="displayName" key="displayName" />
<entry value="sn" key="sn" />
<entry key="cn" value="cn"/>
<entry key="distinguishedName" value="DN"/>
</map>
</property>
</bean>

I have set the attribues that should come back in the Service Management console for the example web app..

I look at the logs and I see the following:

<Attribute map for 561769: {sn=Someone, DN=CN=Joe Someone,CN=Users,DC=itsystems,DC=com,cn=Joe Someone, displayName=Joe Someone}> coming from the AuthenticationManagerImpl, which tells me that the attributes are being picked up and being set somewhere.

I have followed the example in url https://wiki.jasig.org/display/CASC/Saml11TicketValidationFilter+Example, However, I am still not able to see the attributes come across inthe example jsp page.

I am also running the example app under https

Is there something I am missing.

Thanks