cas other attribute


asep-002

Jun 28, 2016, 5:35:06 AM
to CAS Community
I'm using CAS version 4.0, and I want to get another attribute from my LDAP server.

I see in the documentation that getting another attribute takes 2 steps: first resolution and then release. I succeeded with the resolution step, but my user is unable to get the mapped attribute.
Here's my log.

 
2016-06-28 16:13:48,441 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Attempting LDAP authentication for asep+password>
2016-06-28 16:13:48,444 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <LDAP response: [org.ldaptive.auth.AuthenticationResponse@1937247148::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, ldapEntry=[dn=uid=asep,ou=people,dc=eu,dc=id[[uid[asep]], [mail[as...@staff.eu.id]], [sn[kampak]], [ou[research lab]], [cn[asep kampak]]], responseControls=null, messageId=-1], accountState=null, result=true, resultCode=SUCCESS, message=null, controls=null]>
2016-06-28 16:13:48,444 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [cn[asep kampak]]>
2016-06-28 16:13:48,444 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [mail[as...@staff.eu.id]]>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [sn[kampak]]>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [ou[research lab]]>
2016-06-28 16:13:48,445 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated asep+password>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - <Attempting to resolve a principal...>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - <Creating SimplePrincipal for [asep]>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Created seed map='{username=[asep]}' for uid='asep'>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Adding attribute 'username' with value '[asep]' to query builder 'null'>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Constructed LDAP search query [(uid={user})]>
2016-06-28 16:13:48,445 DEBUG [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Generated query builder '[org.ldaptive.SearchFilter@1028417470::filter=(uid={user}), parameters={0=asep}]' from query Map {username=[asep]}.>
2016-06-28 16:13:48,543 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@5308cb06 resolved asep from asep+password>
2016-06-28 16:13:48,543 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated asep with credentials [asep+password].>
2016-06-28 16:13:48,543 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for asep: {}>


I can see my attributes in the log at "Found principal attribute", but after resolution they are unavailable to my user.
My config for resolution in deployerConfigContext.xml:

<bean id="ldapAuthenticationHandler"
    class="org.jasig.cas.authentication.LdapAuthenticationHandler"
    p:principalIdAttribute="uid"
    c:authenticator-ref="authenticator">
    <property name="principalAttributeMap">
        <map>
            <!--
               | This map provides a simple attribute resolution mechanism.
               | Keys are LDAP attribute names, values are CAS attribute names.
               | Use this facility instead of a PrincipalResolver if LDAP is
               | the only attribute source.
               -->
            <entry key="cn" value="simpleName" />
            <entry key="mail" value="email" />
            <entry key="sn" value="fullname" />
            <entry key="ou" value="unit" />
        </map>
    </property>
</bean>

Release config:
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
  <property name="id" value="0" />
  <property name="name" value="HTTPS Services" />
  <property name="description" value="HTTP Service ITB" />
  <property name="serviceId" value="https://**" />
  <property name="allowedAttributes">
    <list>
      <value>simpleName</value>
      <value>email</value>
      <value>fullname</value>
      <value>unit</value>
    </list>             
  </property>
</bean>

Please give me some advice, I got stuck.
Thank you.
 



ghulam faqih

Jul 7, 2016, 6:47:07 AM
to CAS Community

Any advice, guys?


Dmitriy Kopylenko

Jul 7, 2016, 9:15:00 AM
to ghulam faqih, CAS Community
Two questions for you:

1) Why are you still using v4.0? (perhaps you're running it in production and haven’t had a chance to upgrade?)
2) What does your authenticationManager bean definition look like?

Cheers,
D.

ghulam faqih

Jul 11, 2016, 12:21:41 AM
to Dmitriy Kopylenko, CAS Community
Thanks Dmitriy for your advice.

1. I still have not succeeded in installing CAS + LDAP authentication using v4.2 with the same configuration as in v4.0.
2. Here is my authenticationManager:

    <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
        <constructor-arg>
            <map>
                <entry key-ref="ldapAuthenticationHandler" value-ref="usernamePasswordCredentialsResolver" />
            </map>
        </constructor-arg>
    </bean>


Dmitriy Kopylenko

Jul 11, 2016, 6:36:10 AM
to ghulam faqih, CAS Community
First, the 4.2 configuration for authentication manager is significantly different from 4.0. My suggestion would be for you to study documentation for different versions (it's all there).

Second, change to this line in your authenticationManager:

<entry key-ref="ldapAuthenticationHandler" value="#{null}" />

Cheers,
D. 

ghulam faqih

Jul 12, 2016, 12:57:53 AM
to Dmitriy Kopylenko, CAS Community
I changed my authenticationManager bean to:


<entry key-ref="ldapAuthenticationHandler" value="#{null}" />

I am still unable to get the attributes for the CAS user; the attributes are still null.

Here's my log.

2016-07-12 11:53:25,696 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [cn[tomi ]]>
2016-07-12 11:53:25,696 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [mail[to...@labs.ac.id]]>
2016-07-12 11:53:25,697 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [sn[tomi harjo]]>
2016-07-12 11:53:25,697 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [ou[RESEARCH]]>
2016-07-12 11:53:25,698 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated tomi+password>
2016-07-12 11:53:25,698 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <org.jasig.cas.authentication.principal.BasicPrincipalResolver@11fb40eb resolved tomi from tomi+password>
2016-07-12 11:53:25,700 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated tomi with credentials [tomi+password].>
2016-07-12 11:53:25,700 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for tomi: {}>
2016-07-12 11:53:25,704 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

I think I don't know how to release that attribute to my user.
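
A small diagnostic for the symptom shown in this thread, added here as an example and not part of any participant's post or of CAS itself: it scans CAS DEBUG output for logins where LdapAuthenticationHandler logged "Found principal attribute" lines but the final "Attribute map for <user>" is empty, and reports which PrincipalResolver produced the principal. The function name `diagnose` and the embedded sample (a subset of the log lines quoted above) are assumptions of the example.

```python
import re

# Sample input: a subset of the DEBUG lines quoted in the thread (assumed input format).
SAMPLE_LOG = """\
2016-07-12 11:53:25,696 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [cn[tomi ]]>
2016-07-12 11:53:25,697 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [ou[RESEARCH]]>
2016-07-12 11:53:25,698 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated tomi+password>
2016-07-12 11:53:25,698 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <org.jasig.cas.authentication.principal.BasicPrincipalResolver@11fb40eb resolved tomi from tomi+password>
2016-07-12 11:53:25,700 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for tomi: {}>
"""

# LDAP attribute name read by the authentication handler.
FOUND = re.compile(r"<Found principal attribute: \[(\w+)\[")
# Simple class name of the resolver that produced the principal.
RESOLVED = re.compile(r"<(?:[\w$]+\.)*(\w+)@[0-9a-f]+ resolved (\S+) from ")
# Final attribute map attached to the authenticated principal.
ATTR_MAP = re.compile(r"<Attribute map for (\S+): \{(.*)\}>")


def diagnose(log_text):
    """Return one finding per login whose handler attributes never reached the principal."""
    findings, found, resolver = [], [], None
    for line in log_text.splitlines():
        if m := FOUND.search(line):
            found.append(m.group(1))
        elif m := RESOLVED.search(line):
            resolver = m.group(1)
        elif m := ATTR_MAP.search(line):
            user, final = m.group(1), m.group(2).strip()
            if found and not final:
                findings.append({"user": user,
                                 "handler_attributes": found,
                                 "resolver": resolver})
            found, resolver = [], None  # reset state for the next login
    return findings


if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        print(f"{f['user']}: handler read {f['handler_attributes']} from LDAP, "
              f"but the principal from {f['resolver']} carries no attributes")
```

In both logs quoted in the thread a "resolved ... from" line sits between the handler's attributes and the empty map, which points at the resolver mapping in authenticationManager rather than at the release configuration.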


