Attribute Release Policies v5.0.2
Wickham, Jeremy
Have a question about attributes released to the client. My service definition has ReturnedAllowedAttributeReleasePolicy, but my logs are telling me that ReturnAllAttributeReleasePolicy is being used. Is something cached somewhere that I am unaware of? I’ve restarted both of my development CAS servers, and the same results are coming across.
{
"@class": "org.apereo.cas.services.RegexRegisteredService",
"serviceId": "^http://mobile-devel01.its.msstate.edu:8080/.*",
"name": "Testing Attributes",
"id": 7950495929987443,
"description": "Testing Attibutes",
"evaluationOrder": 1,
"logoutType": "NONE",
"attributeReleasePolicy":
{
"@class": "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalAttributesRepository":
{
"@class": "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository",
"expiration": 2,
"timeUnit": "HOURS"
},
"authorizedToReleaseCredentialPassword": false,
"authorizedToReleaseProxyGrantingTicket": false,
"allowedAttributes":
[
"java.util.ArrayList",
[
"msuUDCID"
]
]
},
"multifactorPolicy":
{
"@class": "org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy",
"failureMode": "CLOSED"
},
"accessStrategy":
{
"@class": "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled": true,
"ssoEnabled": true,
"requireAllAttributes": false,
"caseInsensitive": false
}
2017-02-23 17:04:02,223 DEBUG [org.apereo.cas.CentralAuthenticationServiceImpl] - <Located registered service definition id=7950495929987443,name=Testing Attributes,description=Testing Attibutes,serviceId=^http://mobile-devel01.its.msstate.edu:8080/.*,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=<null>,evaluationOrder=1,logoutType=NONE,attributeReleasePolicy=org.apereo.cas.services.ReturnAllAttributeReleasePolicy@1286a51[attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@f74005[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@1ab15bb[enabled=true,ssoEnabled=true,requireAllAttributes=false,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false,rejectedAttributes={}],publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@1939bec,logo=<null>,logoutUrl=<null>,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@17910ea[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>],<null> from http://mobile-devel01.its.msstate.edu:8080/cas-attribute-test/ to handle validation request>
Thanks,
-Jeremy
________________________
Jeremy Wickham
Senior Systems Analyst
Mississippi State University
Misagh Moayyed
- You’ll need to provide the name of the file, which judging by the name in the JSON is likely not valid name.
- If that file is exactly as you have provided, then it’s bad JSON (though CAS is forgiving)
- You need to look into your start-up logs under DEBUG to see what’s happening when CAS is loading services.
Misagh
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/821cc53d05a4465680142688e4a6daaf%40mail04.ad.msstate.edu.