https://apereo.github.io/cas/4.2.x/integration/ClearPass.html#cache-credentials ?
-- Misagh From: HURTEVENT VINCENT <[email protected]> Reply: HURTEVENT VINCENT <[email protected]> Date: October 25, 2016 at 9:57:22 PM To: CAS Community <[email protected]> Subject: [cas-user] Problem using ClearPass in returned attribute mode Hello, I’m working on an upgrade from 3.5.3 to current stable (4.2.6) version and trying to get clearPass working using the new method (attribute in the validation response). I followed the documentation (https://apereo.github.io/cas/4.2.x/integration/ClearPass.html) but I can’t get credentials in returned attributes. On the Server logs I have : 2016-10-25 20:10:49,980 DEBUG [org.jasig.cas.web.v3.V3ServiceValidateController] - <Successfully validated service ticket ST-1-agVDTGIZtdndmucvcFPj-cas.test.fr for service [https://www.test.fr/owa/]> 2016-10-25 20:10:49,988 DEBUG [org.jasig.cas.web.view.Cas30ResponseView$Success] - <Preparing the output model to render view...> 2016-10-25 20:10:49,998 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <Starting to encode attributes for release to service [https://www.test.fr/owa/]> 2016-10-25 20:10:50,000 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[credential] is not available as a cached model attribute to encrypt...> 2016-10-25 20:10:50,001 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[proxyGrantingTicket] is not available as a cached model attribute to encrypt...> 2016-10-25 20:10:50,009 DEBUG [org.jasig.cas.authentication.support.DefaultCasAttributeEncoder] - <[3] Encoded attributes are available for release to [https://www.test.fr/owa/]> The service, as said in the documentation, is defined with : "attributeReleasePolicy" : { "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", "principalAttributesRepository" : { "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, "authorizedToReleaseCredentialPassword" : true, "authorizedToReleaseProxyGrantingTicket" : false }, "publicKey" : { "@class" : "org.jasig.cas.services.RegisteredServicePublicKeyImpl", "location" : "classpath:clearPass-test-pub.key", "algorithm" : "RSA" } The public key « clearPass-test-pub.key » is in the WEB-INF/classes directory. For tests, I’m using phpCAS 1.3.4 with these snippet : phpCAS::client(CAS_VERSION_3_0, $cas_host, $cas_port, $cas_context); phpCAS::setCasServerCACert($cas_server_ca_cert_path); phpCAS::forceAuthentication(); $username = phpCAS::getUser(); // And list attributes retrieved by foreach (phpCAS::getAttributes() { blablabla } Listing attributes returned with phpCAS only give : authenticationDate isFromNewLogin longTermAuthenticationRequestTokenUsed Where could be my mistake ? Thank you ! -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/F561E3EF-19EE-46EF-8F48-53FF7B950B2E%40univ-lyon1.fr. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.580fa87b.7cdb35e3.cbd6%40unicon.net.
