Problem using ClearPass in returned attribute mode


HURTEVENT VINCENT

Oct 25, 2016, 2:27:18 PM
to CAS Community
Hello,

I’m working on an upgrade from 3.5.3 to the current stable version (4.2.6) and trying to get ClearPass working using the new method (attribute in the validation response).

I followed the documentation (https://apereo.github.io/cas/4.2.x/integration/ClearPass.html) but I can’t get credentials in returned attributes.

In the server logs I have:

2016-10-25 20:10:49,980 DEBUG [org.jasig.cas.web.v3.V3ServiceValidateController] - <Successfully validated service ticket ST-1-agVDTGIZtdndmucvcFPj-cas.test.fr for service [https://www.test.fr/owa/]>
2016-10-25 20:10:49,988 DEBUG [org.jasig.cas.web.view.Cas30ResponseView$Success] - <Preparing the output model to render view...>
2016-10-25 20:10:49,998 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <Starting to encode attributes for release to service [https://www.test.fr/owa/]>
2016-10-25 20:10:50,000 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[credential] is not available as a cached model attribute to encrypt...>
2016-10-25 20:10:50,001 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[proxyGrantingTicket] is not available as a cached model attribute to encrypt...>
2016-10-25 20:10:50,009 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[3] Encoded attributes are available for release to [https://www.test.fr/owa/]>

The service, as described in the documentation, is defined with:

  "attributeReleasePolicy" : {
    "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
    "principalAttributesRepository" : {
      "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
    },
    "authorizedToReleaseCredentialPassword" : true,
    "authorizedToReleaseProxyGrantingTicket" : false
  },
  "publicKey" : {
    "@class" : "org.jasig.cas.services.RegisteredServicePublicKeyImpl",
    "location" : "classpath:clearPass-test-pub.key",
    "algorithm" : "RSA"
  }

The public key "clearPass-test-pub.key" is in the WEB-INF/classes directory.

For tests, I’m using phpCAS 1.3.4 with this snippet:

        phpCAS::client(CAS_VERSION_3_0, $cas_host, $cas_port, $cas_context);
        phpCAS::setCasServerCACert($cas_server_ca_cert_path);
        phpCAS::forceAuthentication();
        $username = phpCAS::getUser();
        // And list attributes retrieved by
        foreach (phpCAS::getAttributes() as $name => $value) { /* blablabla */ }

Listing the attributes returned with phpCAS only gives:

authenticationDate
isFromNewLogin
longTermAuthenticationRequestTokenUsed

Where could my mistake be?

Thank you !


Misagh Moayyed

Oct 25, 2016, 2:47:00 PM
to CAS Community, HURTEVENT VINCENT

https://apereo.github.io/cas/4.2.x/integration/ClearPass.html#cache-credentials ?


-- 
Misagh

HURTEVENT VINCENT

Oct 25, 2016, 4:39:52 PM
to Misagh Moayyed, CAS Community
Shame on me

The line was there but not saved on disk…

I’m now getting the credentials, works perfectly :)

Sorry for the noise, 
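
A troubleshooting check built from the log excerpt in this thread, added here as an example and not code from any poster or from the CAS project: it groups the DefaultCasAttributeEncoder DEBUG lines per validation response and lists the services for which `credential` was not available to encrypt. The function names and the second log sequence (a constructed service URL) are assumptions, and interleaved output from concurrent validations is not handled.

```python
import re

# Patterns taken from the DefaultCasAttributeEncoder DEBUG messages quoted in the thread.
START = re.compile(r"<Starting to encode attributes for release to service \[([^\]]+)\]>")
MISSING = re.compile(r"<\[(\w+)\] is not available as a cached model attribute to encrypt")
DONE = re.compile(r"<\[(\d+)\] Encoded attributes are available for release to \[([^\]]+)\]>")

ENC = "DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - "
# First four lines come from the thread. The last three are constructed for
# contrast: hypothetical service URL, credential not reported as missing.
SAMPLE_LOG = [
    "2016-10-25 20:10:49,998 " + ENC + "<Starting to encode attributes for release to service [https://www.test.fr/owa/]>",
    "2016-10-25 20:10:50,000 " + ENC + "<[credential] is not available as a cached model attribute to encrypt...>",
    "2016-10-25 20:10:50,001 " + ENC + "<[proxyGrantingTicket] is not available as a cached model attribute to encrypt...>",
    "2016-10-25 20:10:50,009 " + ENC + "<[3] Encoded attributes are available for release to [https://www.test.fr/owa/]>",
    "2016-10-25 20:12:01,100 " + ENC + "<Starting to encode attributes for release to service [https://app.example.org/]>",
    "2016-10-25 20:12:01,102 " + ENC + "<[proxyGrantingTicket] is not available as a cached model attribute to encrypt...>",
    "2016-10-25 20:12:01,110 " + ENC + "<[4] Encoded attributes are available for release to [https://app.example.org/]>",
]

def encoder_runs(lines):
    """Group encoder messages into one record per validation response."""
    runs, current = [], None
    for line in lines:
        if "DefaultCasAttributeEncoder" not in line:
            continue
        if m := START.search(line):
            current = {"service": m[1], "missing": [], "released": None}
            runs.append(current)
        elif current is None:
            continue  # encoder line with no preceding "Starting" line
        elif m := MISSING.search(line):
            current["missing"].append(m[1])
        elif m := DONE.search(line):
            if m[2] == current["service"]:
                current["released"] = int(m[1])
            current = None
    return runs

def services_without_cached_credential(lines):
    """Services whose response was built while [credential] was not cached."""
    return sorted({r["service"] for r in encoder_runs(lines) if "credential" in r["missing"]})

if __name__ == "__main__":
    for svc in services_without_cached_credential(SAMPLE_LOG):
        print(f"credential not cached at validation time for {svc}")
```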

