CAS Attribute

[john adz]

Hi,

I did cas mysql authentication. I want to send cas service to the user's email address. Add attribute, but not. Can you help me?

application.properties

cas.authn.accept.users=

cas.authn.jdbc.query[0].fieldUser=username

cas.authn.jdbc.query[0].sql=SELECT password FROM users WHERE username=?

cas.authn.jdbc.query[0].healthQuery=SELECT 1 FROM db.users

cas.authn.jdbc.query[0].tableUsers=users

cas.authn.jdbc.query[0].fieldPassword=password

cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:3306/db

cas.authn.jdbc.query[0].user=root

cas.authn.jdbc.query[0].password=***

cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT

cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=SHA-256

cas.authn.jdbc.query[0].passwordEncoder.secret=

cas.authn.jdbc.query[0].passwordEncoder.strength=16

cas.authn.jdbc.query[0].principalAttributeList=email,mail

cas.authn.attributeRepository.jdbc.sql=SELECT * FROM users WHERE {0}

cas.authn.attributeRepository.jdbc.username=username

cas.authn.attributeRepository.jdbc.healthQuery=

cas.authn.attributeRepository.jdbc.url=jdbc:mysql://localhost:3306/db

cas.authn.attributeRepository.jdbc.singleRow=true

cas.authn.attributeRepository.jdbc.user=root

cas.authn.attributeRepository.jdbc.password=***

cas.authn.attributeRepository.attributes.email=email

cas.authn.attributeRepository.attributes.mail=mail

[Ray Bon]

John,

Do you mean you want to email the user the service they logged in to? Or send the service the user's email address?

If the latter, you have to release the attribute in the service definition, https://apereo.github.io/cas/5.2.x/integration/Attribute-Release-Policies.html

To see what attributes are being released, use this logging:

        <!-- DEBUG Found principal attributes [...] for [username]

                   Attribute policy [???] allows release of [...] for [username]

                   Final collection of attributes allowed are: [...] -->

        <AsyncLogger name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy" level="debug"/>

Ray

-- 
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | rb...@uvic.ca

[john adz]

Hi,

Hello, I want to send other information such as mail address or firstname which is registered in user database. What should I add to application.properties? Can you give an example?

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1547831249.3078.147.camel%40uvic.ca.

[Ray Bon]

John,

From this part of the docs, https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#jdbc-1, you may need cas.authn.attributeRepository.jdbc[0].attributes.mail=mail

Ray

[john adz]

I added what you said in the file, but I got an error. The file contents and the output of cas.log are as follows.

application.properties

cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT

cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=SHA-256

cas.authn.jdbc.query[0].passwordEncoder.secret=

cas.authn.jdbc.query[0].passwordEncoder.strength=16

#cas.authn.jdbc.query[0].principalAttributeList=email,mail

cas.authn.attributeRepository.jdbc[0].attributes.mail=mail

cas.log

WARN [org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext] - <Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'com.ryantenney.metrics.spring.MetricsBeanPostProcessorFactory#4': Cannot resolve reference to bean 'metrics' while setting constructor argument; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'casMetricsConfiguration': Unsatisfied dependency expressed through field 'handlerMapping'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'casWebAppConfiguration': Unsatisfied dependency expressed through field 'casProperties'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'cas-org.apereo.cas.configuration.CasConfigurationProperties': Could not bind properties to CasConfigurationProperties (prefix=cas, ignoreInvalidFields=false, ignoreUnknownFields=true, ignoreNestedProperties=false); nested exception is org.springframework.beans.InvalidPropertyException: Invalid property 'authn.attributeRepository.jdbc[0][attributes][mail]' of bean class [org.apereo.cas.configuration.model.core.authentication.AuthenticationProperties]: Illegal attempt to get property 'jdbc' threw exception; nested exception is org.springframework.beans.InvalidPropertyException: Invalid property 'authn.attributeRepository.jdbc[0][attributes][mail]' of bean class [org.apereo.cas.configuration.model.core.authentication.AuthenticationProperties]: Property referenced in indexed property path 'jdbc[0][attributes][mail]' is neither an array nor a List nor a Set nor a Map; returned value was [org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesProperties$Jdbc@17869b28]>

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1547841558.3078.169.camel%40uvic.ca.

[Michele Melluso]

It seems like you are missing how to extract attributes.

You can see how this is done here:

https://apereo.github.io/2018/02/20/cas-service-rbac-attributeresolution/

then i guess that you should define an attribute release policy as described here:

https://apereo.github.io/cas/6.0.x/integration/Attribute-Release-Policies.html

hope it helps

Michele

[john adz]

Hi Michele;

I tried to do as you said. I am sending the contents of the file. Can you help me?

application.properties

cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT

cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=SHA-256

cas.authn.jdbc.query[0].passwordEncoder.secret=

cas.authn.jdbc.query[0].passwordEncoder.strength=16

#cas.authn.jdbc.query[0].principalAttributeList=email,mail

#cas.authn.attributeRepository.jdbc.attributes.uid=mail

cas.authn.attributeRepository.jdbc.singleRow=false

cas.authn.attributeRepository.jdbc.sql=SELECT * FROM users WHERE {0}

cas.authn.attributeRepository.jdbc.username=username

cas.authn.attributeRepository.jdbc.url=jdbc:mysql://localhost:3306/db

cas.authn.attributeRepository.jdbc.dialect=org.hibernate.dialect.MySQL57InnoDBDialect

cas.authn.attributeRepository.jdbc.user=root

cas.authn.attributeRepository.jdbc.password=***

###cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver

cas.authn.attributeRepository.jdbc.driverClass=com.mysql.jdbc.Driver

cas.authn.attributeRepository.jdbc.columnMappings.password=email

cas.authn.attributeRepository.jdbc.healthQuery=SELECT 1 FROM account_db.users

cas.authn.attributeRepository.attributes.mail=email

cas.authn.attributeRepository.defaultAttributesToRelease=email

cas.log is also the attribute field as follows

2019-01-21 13:18:40,953 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Locating principal attributes for **username**>

2019-01-21 13:18:40,955 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes {} for **username**>

2019-01-21 13:18:40,956 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Calling attribute policy ReturnAllowedAttributeReleasePolicy to process attributes for **username**>

2019-01-21 13:18:40,956 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attribute policy ReturnAllowedAttributeReleasePolicy allows release of {} for **username**>

2019-01-21 13:18:40,956 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Checking default attribute policy attributes>

2019-01-21 13:18:40,956 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Located application context. Retrieving default attributes for release, if any>

2019-01-21 13:18:40,957 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes for release are: [email]>

2019-01-21 13:18:40,957 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes found to be released are {}>

2019-01-21 13:18:40,957 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attempting to merge policy attributes and default attributes>

2019-01-21 13:18:40,957 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding default attributes first to the released set of attributes>

2019-01-21 13:18:40,957 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding policy attributes to the released set of attributes>

2019-01-21 13:18:40,958 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Final collection of attributes allowed are: {}>

I don't understand where I'm doing wrong. I'm using cas 5.0.x.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3663f6da-1b0f-4953-a728-2dc81ee02113%40apereo.org.

[Ray Bon]

John,

The logging file is in /etc/cas/config in your project directory.

There are a lot of changes from 5.0.x to 5.2.x with regard to cas.properties. You are probably correct with the original config.

I think Michele is correct. You specify how you want to recognize attributes and you specify how to get those attributes.

You can check your sql query by enabling showSql, https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#hibernate--jdbc

Ray

P.S. It is always better to post to the user list, that way anyone can help and everyone can benefit

On Mon, 2019-01-21 at 09:31 +0300, john adz wrote:

Hi Rbon,

i need very urgent help. I wrote it in the forum, but it's getting a little slow down there. what else should I add into the application.properties file. I'm sending the file.

<! - DEBUG Found principal attributes [...] for [username]

                    Attribute policy [???] allows release of [...] for [username]

                    Final collection of attributes allowed are: [...] ->

         <AsyncLogger name = "org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy" level = "debug" />

  You told me to write this. Where should I write this? Can you help me out?

I'm using cas 5.0.x. Do I need to replace application.properties entirely with attributerepository?

applicaiton.properties

cas.authn.accept.users=

cas.authn.jdbc.query[0].fieldUser=username

cas.authn.jdbc.query[0].sql=SELECT password FROM users WHERE username=?

cas.authn.jdbc.query[0].healthQuery=SELECT 1 FROM db.users

cas.authn.jdbc.query[0].tableUsers=users

cas.authn.jdbc.query[0].fieldPassword=password

cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:3306/db

cas.authn.jdbc.query[0].user=root

cas.authn.jdbc.query[0].password=***

cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT

cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=SHA-256

cas.authn.jdbc.query[0].passwordEncoder.secret=

cas.authn.jdbc.query[0].passwordEncoder.strength=16

#cas.authn.jdbc.query[0].principalAttributeList=email,mail

cas.authn.attributeRepository.jdbc.attributes.uid=mail

[Ray Bon]

John,

Attribute release policy for 5.0.x is here https://apereo.github.io/cas/5.0.x/integration/Attribute-Release-Policies.html

You will also need to use SAML 1.1 or CAS 3 protocols, https://apereo.github.io/cas/5.0.x/integration/Attribute-Release.html

Ray

[john adz]

Hi Ray,

Thanks for your answer. I've done something, and I see e-mails in the logs. But I don't know how to send this email address to the application. Or I don't know if I'm sending it right now. log like

2019-01-22 07:28:04,472 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <QueryDatabaseAuthenticationHandler successfully authenticated username**>

2019-01-22 07:28:04,477 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated principal [username**] and attributes {email=a...@gmail.com} with credentials [username**].>

2019-01-22 07:28:04,478 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: Supplied credentials: [username**]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

>

2019-01-22 07:28:04,478 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: Supplied credentials: [username**]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

>

2019-01-22 07:28:04,480 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Locating principal attributes for username**>

2019-01-22 07:28:04,481 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes {email=a...@gmail.com} for username**>

2019-01-22 07:28:04,481 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Calling attribute policy ReturnAllowedAttributeReleasePolicy to process attributes for username**>

2019-01-22 07:28:04,481 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attribute policy ReturnAllowedAttributeReleasePolicy allows release of {} for username**>

2019-01-22 07:28:04,482 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Checking default attribute policy attributes>

2019-01-22 07:28:04,482 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Located application context. Retrieving default attributes for release, if any>

2019-01-22 07:28:04,482 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes for release are: [email]>

2019-01-22 07:28:04,483 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found and added default attribute for release: email>

2019-01-22 07:28:04,483 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes found to be released are {email=a...@gmail.com}>

2019-01-22 07:28:04,483 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attempting to merge policy attributes and default attributes>

2019-01-22 07:28:04,483 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding default attributes first to the released set of attributes>

2019-01-22 07:28:04,484 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding policy attributes to the released set of attributes>

2019-01-22 07:28:04,484 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Final collection of attributes allowed are: {email=a...@gmail.com}>

2019-01-22 07:28:04,485 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: TGT-**********************************************ys3O6zFWVi-

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

>

2019-01-22 07:28:04,485 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: TGT-**********************************************ys3O6zFWVi-1

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

2019-01-22 07:28:04,488 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Locating principal attributes for username**>

2019-01-22 07:28:04,489 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes {email=a...@gmail.com} for username**>

2019-01-22 07:28:04,489 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Calling attribute policy ReturnAllowedAttributeReleasePolicy to process attributes for username**>

2019-01-22 07:28:04,489 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attribute policy ReturnAllowedAttributeReleasePolicy allows release of {} for username**>

2019-01-22 07:28:04,489 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Checking default attribute policy attributes>

2019-01-22 07:28:04,490 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Located application context. Retrieving default attributes for release, if any>

2019-01-22 07:28:04,490 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes for release are: [email]>

2019-01-22 07:28:04,490 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found and added default attribute for release: email>

2019-01-22 07:28:04,490 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes found to be released are {email=a...@gmail.com}>

2019-01-22 07:28:04,496 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attempting to merge policy attributes and default attributes>

2019-01-22 07:28:04,496 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding default attributes first to the released set of attributes>

2019-01-22 07:28:04,496 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding policy attributes to the released set of attributes>

2019-01-22 07:28:04,496 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Final collection of attributes allowed are: {email=a...@gmail.com}>

2019-01-22 07:28:04,497 INFO [org.apereo.cas.CentralAuthenticationServiceImpl] - <Granted ticket [ST-4-aelgq7GeRcO3bkld9owo] for service [https://*

2019-01-22 07:28:04,498 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: ST-4-aelgq7GeRcO3bkld9owo- for https://*

ACTION: SERVICE_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

>

2019-01-22 07:28:04,498 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: ST-4-aelgq7GeRcO3bkld9owo- for https://k**

ACTION: SERVICE_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

=============================================================

2019-01-22 07:28:04,565 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: ST-4-aelgq7GeRcO3bkld9owo-

ACTION: SERVICE_TICKET_VALIDATED

APPLICATION: CAS

WHEN: Tue Jan 22 07:28:04 UTC 2019

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1548094473.3605.13.camel%40uvic.ca.

[Michele Melluso]

Hi, 

I was wrong, please ignore my previous answer.

Looking at your configuration I think you may be using the wrong properties to select attributes:

cas.authn.attributeRepository.attributes.mail=email

both in my configuration and here: https://apereo.github.io/2018/02/20/cas-service-rbac-attributeresolution/  the following properties are used:

cas.authn.attributeRepository.jdbc[0].attributes.mail=email

I hope this time to be correct :)

Michele

On Tuesday, January 22, 2019 at 9:17:28 AM UTC+1, Michele Melluso wrote:

Looking at your configuration I think you should replace in defaultattributesToRelease property the value email with mail.

That is because you defined an attribute called "mail" populated with the "email" field. The the new attribute "mail" is what you want to release.

cas.authn.attributeRepository.attributes.mail=email

cas.authn.attributeRepository.defaultAttributesToRelease=mail

Michele

[john adz]

Hi Michele,

I get an invalid property error when I use jdbc [0]. I'il try again and send the log. Because I am using cas 5.0.x. I think you said for 5.2. In the meantime, I can understand how the mail sent mail.

Thanks,

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8e1635b1-0a77-4944-88b1-17a408466f98%40apereo.org.

[Michele Melluso]

Could you try the same property without squared brackets?

cas.authn.attributeRepository.jdbc.attributes.mail=email

as described here?

https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#jdbc

[john adz]

I tried this way but I couldn't send the mail again.

application.properties

cas.authn.attributeRepository.jdbc.attributes.mail=email

cas.authn.attributeRepository.defaultAttributesToRelease=mail

cas.log

INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <QueryDatabaseAuthenticationHandler successfully authenticated username**>

2019-01-22 13:10:12,051 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated principal [username**] and attributes {email=aa@gg, id=24, password=5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5, username=username**} with credentials [username**].>

2019-01-22 13:10:12,059 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: Supplied credentials: [username**]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Jan 22 13:10:12 UTC 2019

=============================================================

>

2019-01-22 13:10:12,059 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: Supplied credentials: [username**]

ACTION: AUTHENTICATION_SUCCESS

APPLICATION: CAS

WHEN: Tue Jan 22 13:10:12 UTC 2019

=============================================================

2019-01-22 13:10:12,138 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Locating principal attributes for username**>

2019-01-22 13:10:12,139 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes {email=aa@gg, id=24, password=5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5, username=username**} for username**>

2019-01-22 13:10:12,140 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Calling attribute policy ReturnAllowedAttributeReleasePolicy to process attributes for username**>

2019-01-22 13:10:12,142 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attribute policy ReturnAllowedAttributeReleasePolicy allows release of {} for username**>

2019-01-22 13:10:12,143 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Checking default attribute policy attributes>

2019-01-22 13:10:12,143 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Located application context. Retrieving default attributes for release, if any>

2019-01-22 13:10:12,144 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes for release are: [mail]>

2019-01-22 13:10:12,145 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes found to be released are {}>

2019-01-22 13:10:12,145 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attempting to merge policy attributes and default attributes>

2019-01-22 13:10:12,145 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding default attributes first to the released set of attributes>

2019-01-22 13:10:12,146 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding policy attributes to the released set of attributes>

2019-01-22 13:10:12,146 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Final collection of attributes allowed are: {}>

2019-01-22 13:10:12,157 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: TGT-**********************************************y0RNBAtfXo-1

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 13:10:12 UTC 2019

=============================================================

>

2019-01-22 13:10:12,157 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

=============================================================

WHO: username**

WHAT: TGT-**********************************************y0RNBAtfXo-1

ACTION: TICKET_GRANTING_TICKET_CREATED

APPLICATION: CAS

WHEN: Tue Jan 22 13:10:12 UTC 2019

=============================================================

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4dd74afd-584b-4a46-b1db-3bcd4c2ea901%40apereo.org.

[Ray Bon]

John,

What happens on the client side?

Check client logs to see if email is being received.

Ray

[john adz]

Ray, I check the records that the error is returned because the mail did not come. I'm sending the log again. Is this way when the mail is gone? Or should I see the e-mail address in the WHO: WHAT: section of the page?

2019-01-23 07:17:28,283 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Locating principal attributes for username**>

2019-01-23 07:17:28,284 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found principal attributes {email=aa@ggg, id=3, password=5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5, username=username**} for username**>

2019-01-23 07:17:28,284 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Calling attribute policy ReturnAllowedAttributeReleasePolicy to process attributes for username**>

2019-01-23 07:17:28,286 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attribute policy ReturnAllowedAttributeReleasePolicy allows release of {} for username**>

2019-01-23 07:17:28,287 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Checking default attribute policy attributes>

2019-01-23 07:17:28,287 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Located application context. Retrieving default attributes for release, if any>

2019-01-23 07:17:28,288 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes for release are: [email]>

2019-01-23 07:17:28,289 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Found and added default attribute for release: email>

2019-01-23 07:17:28,289 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Default attributes found to be released are {email=aa@ggg}>

2019-01-23 07:17:28,290 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Attempting to merge policy attributes and default attributes>

2019-01-23 07:17:28,290 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding default attributes first to the released set of attributes>

2019-01-23 07:17:28,290 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Adding policy attributes to the released set of attributes>

2019-01-23 07:17:28,290 DEBUG [org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy] - <Final collection of attributes allowed are: {email=aa@ggg}>

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1548182667.3605.56.camel%40uvic.ca.

[Ray Bon]

John,

What is your service definition for https://k?

Ray

[john adz]

Ray,

HTTPSandIMAPS-10000001.json

{

  "@class" : "org.apereo.cas.services.RegexRegisteredService",

  "serviceId" : "^(https|imaps|http)://.*",

  "name" : "HTTPS and IMAPS",

  "id" : 10000001,

  "description" : "This service definition authorizes all application urls that support HTTPS and IMAPS protocols.",

  "evaluationOrder" : 10000

}

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1548262151.3605.82.camel%40uvic.ca.

[Ray Bon]

John,

You will need to add an attributeReleasePolicy section to the service. See https://apereo.github.io/cas/5.0.x/integration/Attribute-Release-Policies.html

"attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  }

Ray

[john adz]

Ray,

I tried this way, the mail address in the application if it is already in error.

users/auth/cas3/omniauth_error?error=Email+has+already+been+taken

He didn't give up this mistake before. But when I try with a new user and his new mail address, the application gives error again.

Thanks,

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1548269212.3605.100.camel%40uvic.ca.