Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I need Attribute name for firstname , lastname , email #11

Open
abiram2008raj opened this issue Aug 31, 2017 · 6 comments
Open

I need Attribute name for firstname , lastname , email #11

abiram2008raj opened this issue Aug 31, 2017 · 6 comments
Labels
question

Comments

@abiram2008raj
Copy link

abiram2008raj commented Aug 31, 2017
edited
Loading

#8 #10 @adamfranco @stevengnelson @melissaFloyd @imcbride

Currently i filled all details in casattras. CAS logged successfully.
But i didnt get any details like firstname , Lastname, Email.

In field first name = '' if filled givenName Its not fetch name
Last name = '' if filled sn Its not fetch name
Email = '' if filled mail Its not fetch name

Please help me out
@adamfranco
Copy link
Contributor

@abiram2008raj, you'll need to look at your CAS server and CAS response to determine what attributes are returned. CAS servers can be configured to return any number of attributes with arbitrary keys. Many CAS installations/configurations do not include any attributes in the response as when using the CAS protocol, only the user_id is a required value, attributes are optional.

@paszczus
Copy link

Hello,
I have same problem here. The only attribute which is working for me is 'mail'.
My CAS is configured to share attributes and it works fine with other services.
Here is some log from CAS:
2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <LDAP response: [org.ldaptive.auth.AuthenticationResponse@1761905790::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, ldapEntry=[[email protected],vd=uni.opole.pl,o=hosting,dc=uo,dc=opole,dc=pl[[mail[[email protected]]], [sn[Fooname]], [eduPersonEntitlement[ADMINISTRATOR]], [pleduPersonGId[87042804591]], [givenName[S?awomir]], [pleduPersonLId[15789]], [objectClass[organizationalPerson, pleduPerson, person, VirtualForward, radiusprofile, VirtualMailAccount, sambaAccount, eduPerson, amavisAccount, inetOrgPerson, Vacation, uniGadgets, top]]], responseControls=null, messageId=-1], accountState=null, result=true, resultCode=SUCCESS, message=null, controls=null]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [givenName[S?awomir]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [sn[Fooname]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [mail[[email protected]]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [pleduPersonGId[87042804591]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [pleduPersonLId[15789]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [eduPersonEntitlement[ADMINISTRATOR]]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal attribute: [objectClass[organizationalPerson, pleduPerson, person, VirtualForward, radiusprofile, VirtualMailAccount, sambaAccount, eduPerson, amavisAccount, inetOrgPerson, Vacation, uniGadgets, top]]> 2017-09-20 10:08:11,810 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler successfully authenticated [email protected]> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <No resolver configured for LdapAuthenticationHandler. Falling back to handler principal [email protected]> 2017-09-20 10:08:11,810 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated [email protected] with credentials [[email protected]].> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute map for [email protected]: {givenname=S?awomir, lastname=Fooname, [email protected], pesel=87042804591, usos_id=15789, role=ADMINISTRATOR, class=[organizationalPerson, pleduPerson, person, VirtualForward, radiusprofile, VirtualMailAccount, sambaAccount, eduPerson, amavisAccount, inetOrgPerson, Vacation, uniGadgets, top]}> 2017-09-20 10:08:11,810 DEBUG [org.jasig.cas.audit.spi.AssertionAsReturnValuePrincipalResolver] - <Trying to see if target's return value is instance of [Assertion]...>

@adamfranco
Copy link
Contributor

@paszczus This module uses phpCAS to communicate with the CAS server. Try pointing an attribute-viewing sample script that directly your CAS server and printing out the attributes returned. This will also allow you to use phpCAS::setDebug(); to log/see the raw XML return from the CAS server. Note that CAS servers do not return attributes in the CAS 2.0-protocol response by default -- only with custom patching. SAML responses and CAS 3.0-protocol responses (from cas/p3/serviceValidate) both can contain attributes.

@paszczus
Copy link

@adamfranco mail attribute is working for me only with SAML 1.1.
We are using CAS 4.x so i guess there are no attributes because there is no support for CAS 3.0-protocol right now. Do you have any roadmap 3.0 support?

@paszczus
Copy link

Is that fixed now?

@andyzito andyzito reopened this Oct 22, 2019
@sparse91
Copy link

We are using CAS 6.1 and everything is working fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@adamfranco @paszczus @andyzito @sparse91 @abiram2008raj