Hello All, I am trying to move away from shibboleth IDP and move to CAS IDP but having a few issues, I have had a look at the documentation and this group and cannot seem to find the answer. I need to pass certain attributes, these ones -
urn:oid:0.9.2342.19200300.100.1.3 - mail value email address urn:oid:1.3.6.1.4.1.5923.1.1.1.1 - eduPersonAffiliation value member urn:oid:1.3.6.1.4.1.5923.1.1.1.1 - eduPersonAffiliation value staff or student urn:oid:1.3.6.1.4.1.5923.1.1.1.6 - eduPersonPrincipalName mail value email address urn:oid:2.5.4.4 - sn value surname urn:oid:1.3.6.1.4.1.5923.1.1.1.9 - eduPersonScopedAffiliation value [email protected] urn:oid:1.3.6.1.4.1.5923.1.1.1.9 - eduPersonScopedAffiliation value staff or [email protected] urn:oid:2.5.4.42 - givenName value First Name urn:oid:1.3.6.1.4.1.5923.1.1.1.10 - eduPersonTargetedID Value random id based on salt urn:oid:1.3.6.1.4.1.5923.1.1.1.7 - eduPersonEntitlement value urn:mace:dir:entitlement:common-lib-terms but I am getting : credentialType credentialType UsernamePasswordCredential samlAuthenticationStatementAuthMethod samlAuthenticationStatementAuthMethod urn:oasis:names:tc:SAML:1.0:am:password isFromNewLogin isFromNewLogin true authenticationDate authenticationDate 2020-01-22T13:59:03.213799Z urn:oid:0.9.2342.19200300.100.1.3 urn:oid:0.9.2342.19200300.100.1.3 [email protected] authenticationMethod authenticationMethod LdapAuthenticationHandler urn:oid:0.9.2342.19200300.100.1.1 urn:oid:0.9.2342.19200300.100.1.1 Username successfulAuthenticationHandlers successfulAuthenticationHandlers LdapAuthenticationHandler longTermAuthenticationRequestTokenUsed longTermAuthenticationRequestTokenUsed false urn:oid:2.5.4.42 urn:oid:2.5.4.42 FirstName urn:oid:2.5.4.4 urn:oid:2.5.4.4 Surname Here is my JSON file: { "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService", "serviceId" : "SERVICE", "name" : "Apache Secured By SAML", "id" : 100000011, "description" : "CAS development Apache mod_shib/shibd server with username/password protection", "metadataLocation" : "file:////etc/cas/saml/metadata/metadata.xml", "encryptAssertions": "true", "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", "allowedAttributes" : { "@class" : "java.util.TreeMap", "eppn" : "urn:mace:dir:attribute-def:eduPersonPrincipalName", "cn" : "urn:oid:1.3.6.1.4.1.5923.1.1.1.6", "displayName" : "urn:oid:2.16.840.1.113730.3.1.241", "givenName" : "urn:oid:2.5.4.42", "mail" : "urn:oid:0.9.2342.19200300.100.1.3", "role" : "urn:DOMAIN:attribute-def:role", "sn" : "urn:oid:2.5.4.4", "uid" : "urn:oid:0.9.2342.19200300.100.1.1", "UDC_IDENTIFIER": "urn:DOMAIN:attribute-def:UDC_IDENTIFIER", "eppn" : "urn:oid:0.9.2342.19200300.100.1.1" "affiliation" : "urn:oid:1.3.6.1.4.1.5923.1.1.1.1" "affiliation" : "staff" } "persistentIdGenerator" : { "@class" : "org.apereo.cas.authentication.principal.ShibbolethCompatiblePersistentIdGenerator", "salt" : "aGVsbG93b3JsZA==", "attribute": "eduPersonEntitlement" } }, "evaluationOrder" : 1125 } What am I doing wrong ? I do have other files to prepare but I know if I can get this one working I can get the other ones working, Thanks for all your help Jeff -- -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8ecc0227-1fcb-41b5-ad86-ac67ef2343da%40apereo.org.
