<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<bean id="authenticationManager"
class="org.jasig.cas.authentication.LinkedAuthenticationHandlerAndCredentialsToPrincipalResolverAuthenticationManager">
<constructor-arg index="0">
<map>
<entry key-ref="Staff-LdapAuthHandler" value-ref="Staff-LdapCredentialtoPrincipalResolver" />
<entry key-ref="HTTPAuthHandler" value-ref="HTTPCredentialtoPrincipalResolver" />
</map>
</constructor-arg>
</bean>
<bean id="HTTPCredentialtoPrincipalResolver"
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
<bean id="HTTPAuthHandler" class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" />
<bean id="Staff-LdapAuthHandler"
class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
<property name="filter" value="%u...@YFUUSA.Local" />
<property name="contextSource" ref="contextSource" />
<property name="ignorePartialResultException" value="yes" />
</bean>
<bean id="contextSource"
class="org.springframework.ldap.core.support.LdapContextSource">
<property name="pooled" value="false"/>
<property name="url" value="ldap://dc1.yfuusa.local:3268/DC=YFUUSA,DC=Local" />
<!-- <value>ldap://dc2.yfuusa.local:389/DC=YFUUSA,DC=Local</value> -->
<!-- Place JNDI environment properties here. -->
<property name="baseEnvironmentProperties">
<map>
<!-- Three seconds is an eternity to users. -->
<entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />
<entry key="com.sun.jndi.ldap.read.timeout" value="3000" />
<!-- Explained at http://download.oracle.com/javase/1.3/docs/api/javax/naming/Context.html#SECURITY_AUTHENTICATION -->
<entry key="java.naming.security.authentication" value="simple" />
</map>
</property>
<property name="userDn" value="CN=HIDEME,CN=Users,DC=YFUUSA,DC=Local" />
<property name="password" value="SECRET" />
</bean>
<bean id="Staff-LdapCredentialtoPrincipalResolver"
class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
<property name="credentialsToPrincipalResolver">
<bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
</property>
<property name="filter" value="(sAMAccountName=%u)" />
<property name="principalAttributeName" value="sAMAccountName" />
<property name="scope" value="2" />
<property name="searchBase" value="" />
<property name="contextSource" ref="contextSource" />
<property name="attributeRepository">
<ref bean="attributeRepository" />
</property>
</bean>
<sec:user-service id="userDetailsService">
<sec:user name="hideme" password="notused" authorities="ROLE_ADMIN" />
</sec:user-service>
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="contextSource" ref="contextSource" />
<property name="baseDN" value="" />
<property name="requireAllQueryAttributes" value="false" />
<property name="queryAttributeMapping">
<map>
<entry key="username" value="sAMAccountName" />
</map>
</property>
<property name="resultAttributeMapping">
<map>
<entry key="cn" value="Name"/>
<entry key="userPrincipalName" value="userPrincipalName" />
<entry key="memberOf" value="group" />
<entry key="distinguishedName" value="distinguishedName" />
<entry key="securityQuestion" value="securityQuestion" />
</map>
</property>
</bean>
<bean
id="serviceRegistryDao"
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
<property name="registeredServices">
<list>
<bean class="org.jasig.cas.services.RegisteredServiceImpl">
<property name="id" value="0" />
<property name="name" value="LocalMy.YFU" />
<property name="description" value="Only Allows HTTPS Urls" />
<property name="serviceId" value="http://chekov:10000/cgi-bin/WebObjects/WOYFUJava.woa/wa/TemporaryDirectAction/casLogin" />
<property name="allowedAttributes">
<list>
<value>group</value>
<value>Name</value>
<value>userPrincipalName</value>
<value>distinguishedName</value>
<value>pfoId</value>
<value>securityQuestion</value>
</list>
</property>
<property name="anonymousAccess" value="true"/>
</bean>
</list>
</property>
</bean>
<bean id="auditTrailManager" class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
</beans>
Jeffrey Simpson
Senior Software Engineer
Telephone: 240.235.2144
Fax: 240.235.2174
sim...@yfu.org
Youth For Understanding (YFU) prepares young people for their responsibilities and opportunities in a changing, interdependent world.
--
You are currently subscribed to cas-...@lists.jasig.org as: jasig-cas-user...@googlegroups.com
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Turn up the logging on the org.jasig category to DEBUG and post some
log excerpts that confirm this. PersonDirectory components log
resolved attributes and I believe there are some clear CAS logs that
indicate what attributes are sent to clients. (Pretty sure I added
that logging at some point to facilitate debugging in cases like
these.)
In any case I doubt the schema customizations are the cause.
M
Below is a chunk of my log when I do not use the Global Catalog.
>
2011-09-12 12:04:47,063 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://chekov:10000/cgi-bin/WebObjects/WOYFUJava.woa/wa/TemporaryDirectAction/casLogin>
2011-09-12 12:04:47,063 DEBUG [org.jasig.cas.web.support.CasArgumentExtractor] - <Extractor generated service for: http://chekov:10000/cgi-bin/WebObjects/WOYFUJava.woa/wa/TemporaryDirectAction/casLogin>
2011-09-12 12:04:54,652 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with credential: sim...@YFUUSA.Local>
2011-09-12 12:04:54,652 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with credential: sim...@YFUUSA.Local>
2011-09-12 12:04:54,652 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with credential: sim...@YFUUSA.Local>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,657 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson. Trying LDAP resolve now...>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson. Trying LDAP resolve now...>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson. Trying LDAP resolve now...>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <LDAP search with filter "(sAMAccountName=simpson)">
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <LDAP search with filter "(sAMAccountName=simpson)">
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <LDAP search with filter "(sAMAccountName=simpson)">
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <returning searchcontrols: scope=2; search base=; attributes=[sAMAccountName]; timeout=1000>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <returning searchcontrols: scope=2; search base=; attributes=[sAMAccountName]; timeout=1000>
2011-09-12 12:04:54,659 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <returning searchcontrols: scope=2; search base=; attributes=[sAMAccountName]; timeout=1000>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson to simpson>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson to simpson>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Resolved simpson to simpson>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,668 DEBUG [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver] - <Creating SimplePrincipal for [simpson]>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Created seed map='{username=[simpson]}' for uid='simpson'>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Created seed map='{username=[simpson]}' for uid='simpson'>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Created seed map='{username=[simpson]}' for uid='simpson'>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Adding attribute 'sAMAccountName' with value '[simpson]' to query builder 'null'>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Adding attribute 'sAMAccountName' with value '[simpson]' to query builder 'null'>
2011-09-12 12:04:54,668 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Adding attribute 'sAMAccountName' with value '[simpson]' to query builder 'null'>
2011-09-12 12:04:54,672 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Generated query builder '(sAMAccountName=simpson)' from query Map {username=[simpson]}.>
2011-09-12 12:04:54,672 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Generated query builder '(sAMAccountName=simpson)' from query Map {username=[simpson]}.>
2011-09-12 12:04:54,672 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Generated query builder '(sAMAccountName=simpson)' from query Map {username=[simpson]}.>
2011-09-12 12:04:54,724 WARN [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Recovering From Exception thrown by 'org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao@45263910'>
org.springframework.ldap.PartialResultException: Unprocessed Continuation Reference(s); nested exception is javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ''
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:205)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:315)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:259)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:571)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:556)
at org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao.getPeopleForQuery(LdapPersonAttributeDao.java:187)
at org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao.getPeopleForQuery(LdapPersonAttributeDao.java:98)
at org.jasig.services.persondir.support.AbstractQueryPersonAttributeDao.getPeopleWithMultivaluedAttributes(AbstractQueryPersonAttributeDao.java:192)
at org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl.getAttributesFromDao(MergingPersonAttributeDaoImpl.java:40)
at org.jasig.services.persondir.support.AbstractAggregatingDefaultQueryPersonAttributeDao.getPeopleWithMultivaluedAttributes(AbstractAggregatingDefaultQueryPersonAttributeDao.java:124)
at org.jasig.services.persondir.support.AbstractDefaultAttributePersonAttributeDao.getPerson(AbstractDefaultAttributePersonAttributeDao.java:63)
at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal_aroundBody0(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:55)
at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal_aroundBody1$advice(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:44)
at org.jasig.cas.authentication.principal.AbstractPersonDirectoryCredentialsToPrincipalResolver.resolvePrincipal(AbstractPersonDirectoryCredentialsToPrincipalResolver.java:1)
at org.jasig.cas.authentication.LinkedAuthenticationHandlerAndCredentialsToPrincipalResolverAuthenticationManager.authenticateAndObtainPrincipal(LinkedAuthenticationHandlerAndCredentialsToPrincipalResolverAuthenticationManager.java:47)
at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:41)
at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44)
at org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy63.authenticate(Unknown Source)
at org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket_aroundBody10(CentralAuthenticationServiceImpl.java:413)
at org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket_aroundBody11$advice(CentralAuthenticationServiceImpl.java:44)
at org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:1)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at org.perf4j.aop.AbstractTimingAspect$1.proceed(AbstractTimingAspect.java:47)
at org.perf4j.aop.AgnosticTimingAspect.runProfiledMethod(AgnosticTimingAspect.java:53)
at org.perf4j.aop.AbstractTimingAspect.doPerfLogging(AbstractTimingAspect.java:45)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:126)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy64.createTicketGrantingTicket(Unknown Source)
at org.jasig.cas.web.flow.AuthenticationViaFormAction.submit_aroundBody2(AuthenticationViaFormAction.java:95)
at org.jasig.cas.web.flow.AuthenticationViaFormAction.submit_aroundBody3$advice(AuthenticationViaFormAction.java:44)
at org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:1)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:830)
at ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1253)
at ognl.ObjectMethodAccessor.callMethod(ObjectMethodAccessor.java:68)
at ognl.OgnlRuntime.callMethod(OgnlRuntime.java:1329)
at ognl.ASTMethod.getValueBody(ASTMethod.java:90)
at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
at ognl.SimpleNode.getValue(SimpleNode.java:258)
at ognl.ASTChain.getValueBody(ASTChain.java:141)
at ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
at ognl.SimpleNode.getValue(SimpleNode.java:258)
at ognl.Ognl.getValue(Ognl.java:494)
at org.springframework.binding.expression.ognl.OgnlExpression.getValue(OgnlExpression.java:85)
at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:75)
at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
at org.springframework.webflow.engine.State.enter(State.java:194)
at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:391)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:386)
at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:254)
at org.springframework.webflow.engine.ViewState.resume(ViewState.java:218)
at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:790)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:560)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody2(SafeDispatcherServlet.java:115)
at org.jasig.cas.web.init.SafeDispatcherServlet.service_aroundBody3$advice(SafeDispatcherServlet.java:44)
at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:1)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at com.github.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:224)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:279)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name ''
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2846)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:295)
... 145 more
2011-09-12 12:04:54,724 WARN [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Recovering From Exception thrown by 'org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao@45263910'>
Jeffrey Simpson
Senior Software Engineer
Telephone: 240.235.2144
Fax: 240.235.2174
sim...@yfu.org
Youth For Understanding (YFU) prepares young people for their responsibilities and opportunities in a changing, interdependent world.
--
You can also extend the attributes in the global catalog if you're allowed to
do that in your AD configuration.
Ciao, Michael.
So the original problem was caused by me using Active Directories Global Catalog to get around the PartialResultException that AD is known to throw. For those of you not deep into the intricaties of AD if you connect to ldap using port 3268 not 389 you get the Global Catalog. The Global Catalog is nice since it has information from all of thew AD domain including sub domains. The thing is not all attributes are synced to the Global Catalog. There is a way of telling AD what attributes to sync. The link below has information on that. So I had AD sync my extened attributes to the Global Catalog and all is happy.
http://technet.microsoft.com/en-us/library/cc758130%28WS.10%29.aspx
Begin forwarded message:
Makes total sense now. Your custom attribute wasn't in the GC, so of
course it wasn't being returned by CAS attribute queries. Glad you
got it working.
M