You should be using the samlValidate endpoint, not the serviceValidate endpoint in the CASValidateUrl. See the mod_auth_cas documentation.
-- DAVID A. CURRY, CISSP *DIRECTOR OF INFORMATION SECURITY* INFORMATION TECHNOLOGY 71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003 +1 212 229-5300 x4728 • [email protected] [image: The New School] On Mon, Oct 1, 2018 at 3:18 PM Fahmi L. Ramdhani < [email protected]> wrote: > Hi, > > I'am unable to retrieves CAS User Attributes using mod_auth_cas. Below is > my configuration: > *100-domain.com.conf* > <IfModule mod_ssl.c> > <VirtualHost *:443> > ServerName domain.com > ServerAlias www.domain.com > ServerAdmin [email protected] > > > DocumentRoot /home/user/www/sites/domain.com > <Directory "/home/user/www/sites/domain.com"> > <IfModule mod_auth_cas.c> > CASAuthNHeader On > AuthType CAS > </IfModule> > > > # Options Indexes FollowSymLinks > # AllowOverride All > # Require all granted > Require valid-user > </Directory> > > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem > SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem > > > Include /etc/letsencrypt/options-ssl-apache.conf > > > <IfModule mod_auth_cas.c> > CASLoginUrl https://login.domain.com/cas/login > CASValidateUrl https://login.domain.com/cas/serviceValidate > CASValidateServer off > CASCookiePath /var/cache/apache2/mod_auth_cas/ > CASSSOEnabled On > CASDebug Off > </IfModule> > > > </VirtualHost> > > > And this is my *cas.properties*: > ## ATTRIBUTES > cas.authn.attributeRepository.jdbc[0].sql = SELECT * FROM user_attributes > WHERE {0} > cas.authn.attributeRepository.jdbc[0].healthQuery = SELECT 1 > cas.authn.attributeRepository.jdbc[0].driverClass = com.mysql.jdbc.Driver > cas.authn.attributeRepository.jdbc[0].url = jdbc:mysql: > //localhost:3306/cas > cas.authn.attributeRepository.jdbc[0].user = root > cas.authn.attributeRepository.jdbc[0].password = xxxxxxx > cas.authn.attributeRepository.jdbc[0].dialect = org.hibernate.dialect. > MySQLDialect > cas.authn.attributeRepository.jdbc[0].singleRow = false > cas.authn.attributeRepository.jdbc[0].username = email > cas.authn.attributeRepository.jdbc[0].columnMappings.key = value > > cas.authn.attributeRepository.defaultAttributesToRelease=first_name, > last_name,company_name > > > Loging has successfuly but HTML output is: > Secured Content > > This is some secure content. You should not be able to see it until you > have entered your username and password. > > > Attributes Returned by CAS > > REMOTE_USER = [email protected] > HostConnectionCache-ControlUpgrade-Insecure-RequestsUser-AgentAcceptRefererAccept-EncodingAccept-LanguageCookieOn > > > Attributes not showing. Does anyone have a solution to this problem? > Thanks. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3b5da87-1254-4155-998c-ad86eeee8cca%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3b5da87-1254-4155-998c-ad86eeee8cca%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAPrQz7Cf5b5t63dBOjGnBV2iNhooS33cpQUgkuGHDVA0w%40mail.gmail.com.
