Unable to map PAC4J attributes
28 views
Skip to first unread message
Juan Carlos Giménez Moncada
Apr 15, 2016, 8:03:44 AM4/15/16
to cas-...@apereo.org
Dear List,
I'm trying to allow delegated authentication to Twitter using the pac4j
library as described in the documentation. The authentication is
successful but I'm unable to map the received attributes.
I have tried to use the BasicPrincipalResolver but looking at the code
I'm realizing that this specific implementation is not intended for
recovering attributes. I was wondering if I should use the
PersonDirectory with one of its AttributeDaos or if I'm in the right
direction.
To use the BasicPrincipalResolver I have configured the
deployerconfig.xml. Is there any specific way to configure the deployer
in other to extract pac4j attributes?
Following you can find the modifications I did to deployerconfig:
<bean id="authenticationManager"
class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<entry key-ref="proxyAuthenticationHandler"
value-ref="proxyPrincipalResolver" />
<entry key-ref="ldapAuthenticationHandler"
value-ref="primaryPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler"
value-ref="basicPrincipalResolver" />
</map>
</constructor-arg>
<property name="authenticationMetaDataPopulators">
<util:list>
<bean
class="org.jasig.cas.support.pac4j.authentication.ClientAuthenticationMetaDataPopulator"
/>
<bean
class="org.jasig.cas.support.saml.authentication.SamlAuthenticationMetaDataPopulator"/>
<!--<bean
class="org.jasig.cas.authentication.CacheCredentialsMetaDataPopulator"/>-->
</util:list>
</property>
<property name="authenticationPolicy">
<bean
class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
</property>
</bean>
.................
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.support.pac4j.authentication.handler.support.ClientAuthenticationHandler"
c:theClients-ref="clients" />
<bean id="basicPrincipalResolver"
class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
...................
Thanks in advance
I'm trying to allow delegated authentication to Twitter using the pac4j
library as described in the documentation. The authentication is
successful but I'm unable to map the received attributes.
I have tried to use the BasicPrincipalResolver but looking at the code
I'm realizing that this specific implementation is not intended for
recovering attributes. I was wondering if I should use the
PersonDirectory with one of its AttributeDaos or if I'm in the right
direction.
To use the BasicPrincipalResolver I have configured the
deployerconfig.xml. Is there any specific way to configure the deployer
in other to extract pac4j attributes?
Following you can find the modifications I did to deployerconfig:
<bean id="authenticationManager"
class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<entry key-ref="proxyAuthenticationHandler"
value-ref="proxyPrincipalResolver" />
<entry key-ref="ldapAuthenticationHandler"
value-ref="primaryPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler"
value-ref="basicPrincipalResolver" />
</map>
</constructor-arg>
<property name="authenticationMetaDataPopulators">
<util:list>
<bean
class="org.jasig.cas.support.pac4j.authentication.ClientAuthenticationMetaDataPopulator"
/>
<bean
class="org.jasig.cas.support.saml.authentication.SamlAuthenticationMetaDataPopulator"/>
<!--<bean
class="org.jasig.cas.authentication.CacheCredentialsMetaDataPopulator"/>-->
</util:list>
</property>
<property name="authenticationPolicy">
<bean
class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
</property>
</bean>
.................
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.support.pac4j.authentication.handler.support.ClientAuthenticationHandler"
c:theClients-ref="clients" />
<bean id="basicPrincipalResolver"
class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
...................
Thanks in advance
Jérôme LELEU
Apr 15, 2016, 11:10:20 AM4/15/16
to Juan Carlos Giménez Moncada, CAS Community
Hi,
You should be able to only rely on the pac4j authentication handler. For Twitter, you don't need anything specific at the client level.
Can you try using a null principal resolver?
Thanks.
Best regards,
Jérôme
--
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5710D89B.8040903%40um.es.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
Reply all
Reply to author
Forward
0 new messages