Hi William,

I think we are trying to do the same, and I have to confirm the only solution I 
found was exactly mapping the attributes to the URI name.

We want to use the consent module along with it and really don’t want those 
URIs to appear in the consent view for our users.

It would be great if the SAML URI, e.g. “urn:oid:2.5.4.42”, could be 
configurable similarly to the name format, that is globally for available 
attributes, as well as part of the service definition to override.

I would take up the task some time, if no one else does first.

Regards
Arnold

From: [email protected] [mailto:[email protected]] On behalf of William E.
Sent: Wednesday, 10 January 2018 22:29
To: CAS Community <[email protected]>
Subject: [cas-user] SAML FriendlyName and Name using same value

Hi all,

I'm pretty sure this is not a current feature of CAS 5.2.x, but I just wanted 
to ask this community if they found any way to do so by some config trickery.  
If not, would the awesome CAS developers be interested in putting this on the 
list of future feature enhancements please?

So we're trying to use the saml idp of cas 5.2 to replace our shibboleth 
service.  Seems most SP's work but a few don't and unfortunately getting logs 
from vendors or technical insight is sometimes challenging.  But one distinct 
difference between the attributes shibboleth returns and cas IDP returns is 
that with cas, while you can specify the "return attribute x as name y" part, 
it's used for both the name and friendlyname values.

For example, in our config shibboleth returns the givenName like so:

        <saml2:Attribute FriendlyName="givenName"
            Name="urn:oid:2.5.4.42"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xsd:string">Jane</saml2:AttributeValue>
        </saml2:Attribute>


With Name="urn:oid:2.5.4.42" and FriendlyName="givenName".


In the cas service definition I can specify givenName should be returned as 
urn:oid:2.5.4.42, which is awesome, but the urn:oid... is used for both Name 
and FriendlyName values.


  attributeReleasePolicy:
  {
    @class: org.apereo.cas.services.ReturnMappedAttributeReleasePolicy
    allowedAttributes:
    {
      @class: java.util.TreeMap
      givenName: "urn:oid:2.5.4.42"
...............


        <saml2:Attribute FriendlyName="urn:oid:2.5.4.42"
            Name="urn:oid:2.5.4.42"
            NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue
                xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                xsi:type="xsd:string">Jane</saml2:AttributeValue>
        </saml2:Attribute>


Anyone know of a way to specify a different value for FriendlyName than Name?


Thanks,
William

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected]<mailto:[email protected]>.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a58be248-9a81-4d24-a3b4-701eaf90c9e9%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/a58be248-9a81-4d24-a3b4-701eaf90c9e9%40apereo.org?utm_medium=email&utm_source=footer>.
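
An added example, not part of the original thread and not CAS or Shibboleth code: a small Python check that compares the Name, FriendlyName, NameFormat and values released by two IdPs, as in the Shibboleth versus CAS comparison above. The function names are hypothetical, and the sample fragments are constructed from the thread's snippets with a wrapping AttributeStatement and namespace declaration added.

```python
import xml.etree.ElementTree as ET

SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"


def attributes(xml_text):
    """Map Name -> (FriendlyName, NameFormat, values) for every saml2:Attribute."""
    # Input is assumed to be a fragment captured from your own IdP, not untrusted XML.
    root = ET.fromstring(xml_text)
    found = {}
    for attr in root.iter(f"{{{SAML2}}}Attribute"):
        values = [v.text or "" for v in attr.findall(f"{{{SAML2}}}AttributeValue")]
        found[attr.get("Name")] = (attr.get("FriendlyName"), attr.get("NameFormat"), values)
    return found


def diff_release(reference_xml, candidate_xml):
    """List (Name, difference) pairs between a reference IdP and a candidate IdP."""
    ref, cand = attributes(reference_xml), attributes(candidate_xml)
    findings = []
    for name in sorted(set(ref) | set(cand)):
        if name not in cand:
            findings.append((name, "missing in candidate"))
        elif name not in ref:
            findings.append((name, "extra in candidate"))
        else:
            labels = ("FriendlyName", "NameFormat", "values")
            for label, a, b in zip(labels, ref[name], cand[name]):
                if a != b:
                    findings.append((name, f"{label}: {a!r} != {b!r}"))
    return findings


def sample(friendly_name):
    """Constructed sample: the thread's givenName attribute with a chosen FriendlyName."""
    return f"""<saml2:AttributeStatement xmlns:saml2="{SAML2}"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <saml2:Attribute FriendlyName="{friendly_name}" Name="urn:oid:2.5.4.42"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xsi:type="xsd:string">Jane</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>"""


if __name__ == "__main__":
    # Reference: Shibboleth-style output; candidate: the CAS output from the thread.
    for name, difference in diff_release(sample("givenName"), sample("urn:oid:2.5.4.42")):
        print(name, difference)
```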
