Hello All, Please can someone help me. I ma trying to move from our current shibboleth IDP to CAS, all seems OK but when I start setting up the registered service it goes wrong. I either get too much information (but not the info needed) or I don't get any.
I would like to show : urn:oid:0.9.2342.19200300.100.1.3 - mail urn:oid:1.3.6.1.4.1.5923.1.1.1.1 - eduPersonAffiliation value member urn:oid:1.3.6.1.4.1.5923.1.1.1.1 - eduPersonAffiliation value staff or student urn:oid:1.3.6.1.4.1.5923.1.1.1.6 - eduPersonPrincipalName mail urn:oid:2.5.4.4 - sn urn:oid:1.3.6.1.4.1.5923.1.1.1.9 - eduPersonScopedAffiliation value [email protected] urn:oid:1.3.6.1.4.1.5923.1.1.1.9 - eduPersonScopedAffiliation value staff or [email protected] urn:oid:2.5.4.42 - givenName urn:oid:1.3.6.1.4.1.5923.1.1.1.10 - eduPersonTargetedID Value random id based on salt urn:oid:1.3.6.1.4.1.5923.1.1.1.7 - eduPersonEntitlement value urn:mace:dir:entitlement:common-lib-terms What I am getting is : credentialType - credentialType - UsernamePasswordCredential samlAuthenticationStatementAuthMethod - samlAuthenticationStatementAuthMethod - urn:oasis:names:tc:SAML:1.0:am:password isFromNewLogin - isFromNewLogin - true authenticationDate - authenticationDate - 2020-01-22T13:59:03.213799Z urn:oid:0.9.2342.19200300.100.1.3 - urn:oid:0.9.2342.19200300.100.1.3 - [email protected] authenticationMethod - authenticationMethod - LdapAuthenticationHandler urn:oid:0.9.2342.19200300.100.1.1 - urn:oid:0.9.2342.19200300.100.1.1 - stonej successfulAuthenticationHandlers - successfulAuthenticationHandlers - LdapAuthenticationHandler longTermAuthenticationRequestTokenUsed - longTermAuthenticationRequestTokenUsed - false urn:oid:2.5.4.42 - urn:oid:2.5.4.42 - FirstName urn:oid:2.5.4.4 - urn:oid:2.5.4.4 - Surname My JSON file is : { "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService", "serviceId" : "SERVICENAME", "name" : "Apache Secured By SAML", "id" : 100000011, "description" : "CAS development Apache mod_shib/shibd server with username/password protection", "metadataLocation" : "file:////etc/cas/saml/metadata/metadata.xml", "encryptAssertions": "true", "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", "allowedAttributes" : { "@class" : "java.util.TreeMap", "eppn" : "urn:mace:dir:attribute-def:eduPersonPrincipalName", "cn" : "urn:oid:1.3.6.1.4.1.5923.1.1.1.6", "displayName" : "urn:oid:2.16.840.1.113730.3.1.241", "givenName" : "urn:oid:2.5.4.42", "mail" : "urn:oid:0.9.2342.19200300.100.1.3", "role" : "urn:DOMAIN.COM:attribute-def:role", "sn" : "urn:oid:2.5.4.4", "uid" : "urn:oid:0.9.2342.19200300.100.1.1", "UDC_IDENTIFIER": "urn:DOMAIN.COM:attribute-def:UDC_IDENTIFIER", "eppn" : "urn:oid:0.9.2342.19200300.100.1.1" "affiliation" : "urn:oid:1.3.6.1.4.1.5923.1.1.1.1" "affiliation" : "staff" } "persistentIdGenerator" : { "@class" : "org.apereo.cas.authentication.principal.ShibbolethCompatiblePersistentIdGenerator", "salt" : "aGVsbG93b3JsZA==", "attribute": "eduPersonEntitlement" } }, "evaluationOrder" : 1125 } What am I doing wrong ? I have looked at the documentation and cannot find the answers. Thanks for any help Jeff -- -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/559f60ab-90d6-46a6-9c47-750dac7dc271%40apereo.org.
