Two questions for you: 1) Why are you still using v4.0? (perhaps you're running it in production and haven’t had a chance to upgrade?) 2) What does your authenticationManager bean definition look like?
Cheers, D. > On Jul 7, 2016, at 6:47 AM, ghulam faqih <[email protected]> wrote: > > any advice guys. > > On Jun 28, 2016 4:35 PM, "asep-002" <[email protected] > <mailto:[email protected]>> wrote: > im using cas version 4.0, i want to take another attribute from my ldap > server. > > i see documentation > <https://apereo.github.io/cas/4.0.x/integration/Attribute-Release.html> to > take another other attribute there 2 step, first resolution and then release. > im succesed resolution step, but my user unable to get mapping attribute. > heres my log. > > > 2016-06-28 16:13:48,441 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Attempting LDAP > authentication for asep+password> > 2016-06-28 16:13:48,444 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <LDAP response: > [org.ldaptive.auth.AuthenticationResponse@1937247148::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, > ldapEntry=[dn=uid=asep,ou=people,dc=eu,dc=id[[uid[asep]], > [mail[[email protected] <mailto:[email protected]>]], [sn[kampak]], > [ou[research lab]], [cn[asep kampak]]], responseControls=null, messageId=-1], > accountState=null, result=true, resultCode=SUCCESS, message=null, > controls=null]> > 2016-06-28 16:13:48,444 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal > attribute: [cn[asep kampak]]> > 2016-06-28 16:13:48,444 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal > attribute: [mail[[email protected] <mailto:[email protected]>]]> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal > attribute: [sn[kampak]]> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Found principal > attribute: [ou[research lab]]> > 2016-06-28 16:13:48,445 INFO > [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - > <LdapAuthenticationHandler successfully authenticated asep+password> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - > <Attempting to resolve a principal...> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver] - > <Creating SimplePrincipal for [asep]> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Created seed > map='{username=[asep]}' for uid='asep'> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Adding attribute > 'username' with value '[asep]' to query builder 'null'> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Constructed LDAP search > query [(uid={user})]> > 2016-06-28 16:13:48,445 DEBUG > [org.jasig.cas.persondir.LdapPersonAttributeDao] - <Generated query builder > '[org.ldaptive.SearchFilter@1028417470::filter=(uid={user}), > parameters={0=asep}]' from query Map {username=[asep]}.> > 2016-06-28 16:13:48,543 DEBUG > [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - > <org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver@5308cb06 > resolved asep from asep+password> > 2016-06-28 16:13:48,543 INFO > [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - > <Authenticated asep with credentials [asep+password].> > 2016-06-28 16:13:48,543 DEBUG > [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <Attribute > map for asep: {}> > > > i can see my attribute at log "Found prinicipal attribute" but after resolve > unable to my user. > my config for resolution in deployerConfigContext.xml. > > <bean id="ldapAuthenticationHandler" > class="org.jasig.cas.authentication.LdapAuthenticationHandler" > p:principalIdAttribute="uid" > c:authenticator-ref="authenticator"> > <property name="principalAttributeMap"> > <map> > <!-- > | This map provides a simple attribute resolution mechanism. > | Keys are LDAP attribute names, values are CAS attribute > names. > | Use this facility instead of a PrincipalResolver if LDAP is > | the only attribute source. > --> > <entry key="cn" value="simpleName" /> > <entry key="mail" value="email" /> > <entry key="sn" value="fullname" /> > <entry key="ou" value="unit" /> > </map> > </property> > </bean> > > release config > <bean class="org.jasig.cas.services.RegisteredServiceImpl"> > <property name="id" value="0" /> > <property name="name" value="HTTPS Services" /> > <property name="description" value="HTTP Service ITB" /> > <property name="serviceId" value="https://**"; /> > <property name="allowedAttributes"> > <list> > <value>simpleName</value> > <value>email</value> > <value>fullname</value> > <value>unit</value> > </list> > </property> > </bean> > > please give me some advice, i got stuck. > thank you. > > > > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > <https://groups.google.com/a/apereo.org/group/cas-user/>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/d30106c8-0646-47f0-a730-28b1ccc61761%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d30106c8-0646-47f0-a730-28b1ccc61761%40apereo.org?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout > <https://groups.google.com/a/apereo.org/d/optout>. > > -- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/ > <https://groups.google.com/a/apereo.org/group/cas-user/>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOTF3O3syLcUt8VGKz2%3DStYp_XWa3Qae_Oh12ds2mFO1_o595w%40mail.gmail.com > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOTF3O3syLcUt8VGKz2%3DStYp_XWa3Qae_Oh12ds2mFO1_o595w%40mail.gmail.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/a/apereo.org/d/optout > <https://groups.google.com/a/apereo.org/d/optout>. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/C06FFA37-961B-4797-9552-91FB656E4572%40unicon.net. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
