CAS6 SAML usernameAttribute


atilling

Oct 23, 2023, 2:53:17 PM10/23/23
to CAS Community
Working on a SAML integration where the subject needs to be the user's email address, but despite the changes I've made it still releases the username attribute.

usernameAttributeProvider:
  {
    @class: org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider
    usernameAttribute: userPrincipalName
  }
...
requiredNameIdFormat: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

In cas.properties we are defining the attribute
cas.authn.attribute-repository.ldap[0].attributes.eduPersonPrincipalName=mail

I found it odd that the service manager is giving userPrincipalName as the "username attribute" and not mail as mapped.

Looking at the attribute release in the response XML, I see that the subject is still the username and the mail attribute is populated.
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response
    Destination="https://sitedown.conncoll.edu/"
    ID="_972320461405286400"
    InResponseTo="_07ccef8331e40d6e9c24c8a12ade2bd69884b1cbb6"
    IssueInstant="2023-10-23T17:39:07.378Z"
    Version="2.0"
    xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
    <saml2:Issuer
        Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://casdev.conncoll.edu/idp
    </saml2:Issuer>
    <saml2p:Status>
        <saml2p:StatusCode
            Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </saml2p:Status>
    <saml2:Assertion
        ID="_1333994532661421056"
        IssueInstant="2023-10-23T17:39:07.305Z"
        Version="2.0"
        xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
        <saml2:Issuer>https://casdev.conncoll.edu/idp</saml2:Issuer>
        <ds:Signature
            xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod
                    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod
                    Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference
                    URI="#_1333994532661421056">
                    <ds:Transforms>
                        <ds:Transform
                            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform
                            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transforms>
                    <ds:DigestMethod
                        Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>
                        gOBjXAhXqdT7adKVPNrxD43urSqJQgTtDjcj64Wa2NE=
                    </ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>CIuSEDbZ97Yf8VnnA774OXFgGQ0Qw9+HcZX8SnOWWcMT+zb5CUEh3hsKkSlQYr4PeRsn1AxxwpGKdIl9HWLjeF97zPMglpguDiyACsUHNtYGbcmlCIX9WQ+lEUIbrdDwP9c8F632INvPF6ACI9DTDSbLrzA2xJT44X2z4EFAAxJJVK/5MFAyWCopZTiMHsGv6CZ7FKSSjBdYe+zacyL7ZmT1LbFfgV1HK6SL9L3ChRCS5bcQ9vui9pOJ9aiD6Hf6rcO6HZcMuQPMCqNlQilSVVverSypwXv8qFdGYuzy+qiByyc+
                xTjYR2NpBwECtttDMsZnfFfFxu91KusihOq2OA==
            </ds:SignatureValue>
            <ds:KeyInfo>
                <ds:KeyValue>
                    <ds:RSAKeyValue>
                        <ds:Modulus>nsveLo/KHlchZAHX+dNks7YJSIhIK2xReT1+Vp0EgUYB71DW1tpx9jdEP21PeroK1wjoptbEuoqHetvl5i8/0L/zhVPQFu5jcqQUUnCUEa26wJdtZcpSUzHgudSZM/EHABEMQ+xEqC0Bdty8f9d7AuckWon88+EgyEiW7PYFkc7jDzPHiMBdVyRKVnwMDJIz2WVz3i2q55akpfy2UNMEkJlhm+GgOOKkHKW166gkvXi93duX5hE1lmSufqpQjta2Ev2Lw3BdPhnnCOXBym+rtNI5kl5A5B/opjm4djUY7hCYIBQfqUsykyoGDheAoW7HCYaffg4z+
                            Mu8TuwfjnDA0w==
                        </ds:Modulus>
                        <ds:Exponent>AQAB</ds:Exponent>
                    </ds:RSAKeyValue>
                </ds:KeyValue>
                <ds11:DEREncodedKeyValue
                    xmlns:ds11="http://www.w3.org/2009/xmldsig11#">MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsveLo/KHlchZAHX+dNks7YJSIhIK2xR
eT1+Vp0EgUYB71DW1tpx9jdEP21PeroK1wjoptbEuoqHetvl5i8/0L/zhVPQFu5jcqQUUnCUEa26
wJdtZcpSUzHgudSZM/EHABEMQ+xEqC0Bdty8f9d7AuckWon88+EgyEiW7PYFkc7jDzPHiMBdVyRK
VnwMDJIz2WVz3i2q55akpfy2UNMEkJlhm+GgOOKkHKW166gkvXi93duX5hE1lmSufqpQjta2Ev2L
w3BdPhnnCOXBym+rtNI5kl5A5B/opjm4djUY7hCYIBQfqUsykyoGDheAoW7HCYaffg4z+Mu8Tuwf
jnDA0wIDAQAB
                </ds11:DEREncodedKeyValue>
            </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
            <saml2:NameID
                Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
                NameQualifier="https://casdev.conncoll.edu/idp"
                SPNameQualifier="https://sitedown.conncoll.edu/wp-content/plugins/miniorange-saml-20-single-sign-on/">atilling
            </saml2:NameID>
            <saml2:SubjectConfirmation
                Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml2:SubjectConfirmationData
                    Address="sitedown.conncoll.edu"
                    InResponseTo="_07ccef8331e40d6e9c24c8a12ade2bd69884b1cbb6"
                    NotOnOrAfter="2023-10-23T17:39:07.306Z"
                    Recipient="https://sitedown.conncoll.edu/"/>
            </saml2:SubjectConfirmation>
        </saml2:Subject>
        <saml2:Conditions
            NotBefore="2023-10-23T17:39:07.348Z"
            NotOnOrAfter="2023-10-23T17:39:07.348Z">
            <saml2:AudienceRestriction>
                <saml2:Audience>https://sitedown.conncoll.edu/wp-content/plugins/miniorange-saml-20-single-sign-on/</saml2:Audience>
            </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement
            AuthnInstant="2023-10-23T17:36:35.417Z"
            SessionIndex="_1170437499088431104"
            SessionNotOnOrAfter="2023-10-24T17:39:07.295Z">
            <saml2:SubjectLocality
                Address="136.244.218.11"/>
            <saml2:AuthnContext>
                <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
            </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <saml2:AttributeStatement>
            <saml2:Attribute
                FriendlyName="UserName"
                Name="UserName"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>atilling</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="mail"
                Name="mail"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>atil...@conncoll.edu</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="displayName"
                Name="displayName"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Andrew P. Tillinghast</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="cn"
                Name="cn"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Andrew P. Tillinghast</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="edupersonaffiliation"
                Name="edupersonaffiliation"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>STAFF</saml2:AttributeValue>
                <saml2:AttributeValue>EMPLOYEE</saml2:AttributeValue>
                <saml2:AttributeValue>MEMBER</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="givenname"
                Name="givenname"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Andrew</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="departmentNumber"
                Name="departmentNumber"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Information Services/Enterprise Systems</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="memberof"
                Name="memberof"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>
                    cn=EIS,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=staff,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=100000-901010-Information Services - Office of VP,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=Knowbe4,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=Knowbe4PII,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=DB_Users,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=CWUserEdit,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=AS2-083267125839-StataLocal,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=MAPS_LDAP,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=webadministrator,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=bbadm,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=Forti-Two Factor,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=Druva_InSync_Clients,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=knowbe4staff,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=meraki-tech,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=WirelessSU,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
                <saml2:AttributeValue>
                    cn=CWADMIN,
                    ou=groups,
                    dc=conncoll,
                    dc=edu
                </saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute
                FriendlyName="sn"
                Name="sn"
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                <saml2:AttributeValue>Tillinghast</saml2:AttributeValue>
            </saml2:Attribute>
        </saml2:AttributeStatement>
    </saml2:Assertion>
</saml2p:Response>


Is there something I'm missing to get userPrincipalName/mail as the subject?
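An added check, not from the thread and not part of CAS, that an SP-side integrator or an admin can run over a captured Response to catch exactly the mismatch shown above: a NameID whose Format claims emailAddress but whose value is the bare username, and which disagrees with the released mail attribute. The embedded sample is a constructed, trimmed version of the posted response (signature and most attributes omitted; the mail address is a placeholder).

```python
import re
import xml.etree.ElementTree as ET

NS = {
    "saml2p": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Constructed sample: same shape as the thread's response, heavily trimmed.
SAMPLE_RESPONSE = """<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0" ID="_1">
  <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_2">
    <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">atilling
      </saml2:NameID>
    </saml2:Subject>
    <saml2:AttributeStatement>
      <saml2:Attribute Name="UserName"><saml2:AttributeValue>atilling</saml2:AttributeValue></saml2:Attribute>
      <saml2:Attribute Name="mail"><saml2:AttributeValue>user@example.edu</saml2:AttributeValue></saml2:Attribute>
    </saml2:AttributeStatement>
  </saml2:Assertion>
</saml2p:Response>"""


def check_name_id(response_xml):
    """Return a list of findings about the Subject NameID; empty means consistent."""
    root = ET.fromstring(response_xml)
    name_id = root.find(".//saml2:Subject/saml2:NameID", NS)
    if name_id is None:
        return ["no NameID in Subject"]
    fmt = name_id.get("Format", "")
    # CAS pretty-prints the value with surrounding whitespace, so strip it.
    value = (name_id.text or "").strip()
    mail = [v.text.strip() for v in root.findall(
        ".//saml2:Attribute[@Name='mail']/saml2:AttributeValue", NS) if v.text]
    findings = []
    if fmt == EMAIL_FORMAT and not EMAIL_RE.match(value):
        # Declared format and actual value disagree; a strict SP should reject this.
        findings.append(f"NameID declares emailAddress format but value {value!r} is not an email")
    if mail and value not in mail:
        findings.append(f"NameID {value!r} does not match released mail attribute {mail}")
    return findings


if __name__ == "__main__":
    for f in check_name_id(SAMPLE_RESPONSE) or ["subject is consistent"]:
        print(f)
```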

Dmitriy Kopylenko

Oct 23, 2023, 3:21:21 PM10/23/23
to cas-...@apereo.org
Hi.

Try this:

usernameAttributeProvider:
  {
    @class: org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider
    usernameAttribute: mail
  }

D.


Dmitriy Kopylenko

Oct 23, 2023, 10:54:03 PM10/23/23
to atilling, CAS Community
By service manager, you mean the services management web app? If so, it could be a bug there.

D. 

On Mon, Oct 23, 2023 at 17:09 atilling <atil...@conncoll.edu> wrote:
Manually editing the json to change it to mail worked.
Any idea why the service manager is returning the wrong attribute names?

atilling

Oct 23, 2023, 10:54:03 PM10/23/23
to CAS Community, Dmitriy Kopylenko
Manually editing the json to change it to mail worked.
Any idea why the service manager is returning the wrong attribute names?


atilling

Oct 24, 2023, 2:06:23 AM10/24/23
to CAS Community, Dmitriy Kopylenko, CAS Community, atilling
Yes, the service manager web app, built from
curl https://casinit.herokuapp.com/starter.tgz -d type=cas-management-overlay -d baseDir=cas-sm   | tar -xzvf -

It was the json created by the web app that I modified to change the attribute.