I htink so. Where can we see it ? Le jeudi 25 mars 2021 à 20:54:04 UTC+1, jrautureau a écrit :
> Hi Jérémy > > Is the passwordPolicy is enabled ? > > Le jeu. 25 mars 2021 à 20:26, Jérémie Pilette <[email protected]> a > écrit : > >> >> The attribute and the value are good in the LDAP. >> By watching the ldap.log.level=debug, I do not see something strange.. I >> can see all the values with their attributes, no error messages... >> Le jeudi 25 mars 2021 à 18:57:34 UTC+1, Ray Bon a écrit : >> >>> Jérémie, >>> >>> Check ldap to be sure an attribute and value exist for id_attribute for >>> your user. You could also check your ldap logs to see why the value is not >>> released. >>> >>> If cas is having difficulties connecting to ldap, you can set, >>> <Property name="ldap.log.level">debug</Property> >>> which is at the top of the log4j2.xml file. >>> >>> Ray >>> >>> On Thu, 2021-03-25 at 10:04 -0700, Jérémie Pilette wrote: >>> >>> Notice: This message was sent from outside the University of Victoria >>> email system. Please be cautious with links and sensitive information. >>> >>> Yes I have this file. I try to do with it ok. >>> >>> And in my */var.lib/tomcat9/Cataline.out*, I have this line : >>> [2021-03-25 18:02:39] [info] #033[33m2021-03-25 18:02:39,848 WARN >>> [org.apereo.cas.services.ReturnMappedAttributeReleasePolicy] - <Could not >>> find value for mapped attribute [*codeNYP*] that is based off of [ >>> *id_attribute*] in the allowed attributes list. Ensure the original >>> attribute [*id_attribute*] is retrieved and contains at least a single >>> value. Attribute [*codeNYP*] will and can not be released without the >>> presence of a value.>#033[m >>> >>> >>> Le jeudi 25 mars 2021 à 17:55:46 UTC+1, Ray Bon a écrit : >>> >>> Jérémie, >>> >>> The cas logger bit can be added to etc/cas/config/log4j2.xml). >>> >>> Ray >>> >>> On Thu, 2021-03-25 at 09:35 -0700, Jérémie Pilette wrote: >>> >>> Notice: This message was sent from outside the University of Victoria >>> email system. Please be cautious with links and sensitive information. >>> >>> Thank you for your response Ray Bon, but where I have to do that ? >>> Should I uncomment these lines in a file or add these lines in a >>> specific file ? >>> Thank you. >>> >>> >>> Le jeudi 25 mars 2021 à 16:46:34 UTC+1, Ray Bon a écrit : >>> >>> Jérémie, >>> >>> Try this logger to see what cas is doing with the attributes: >>> >>> <!-- DEBUG Found principal attributes [...] for [username] >>> Attribute policy [???] allows release of [...] for >>> [username] >>> Final collection of attributes allowed are: [...] --> >>> <AsyncLogger >>> name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy" >>> >>> level="debug"/> >>> >>> The client application must be configured to call the CASv3 endpoint. >>> >>> Ray >>> >>> On Thu, 2021-03-25 at 01:56 -0700, Jérémie Pilette wrote: >>> >>> Notice: This message was sent from outside the University of Victoria >>> email system. Please be cautious with links and sensitive information. >>> >>> >>> >>> Hi, >>> I would like to use Attribute release for one application (Yparéo). >>> I was usin CAS 5.1, and it was operationnal. >>> >>> Now with the new version 6.4, it does'nt work. >>> >>> I am using json file configuration : >>> ****************************************************************** >>> { >>> "@class" : "org.apereo.cas.services.RegexRegisteredService", >>> "serviceId" : "^(https|http)://URL/cas.*", >>> "name" : "netYpareo", >>> "id" : 10000005, >>> "description" : "NetYparéo", >>> "evaluationOrder" : 3, >>> "accessStrategy" : >>> { >>> "@class" : >>> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", >>> "enabled" : "true", >>> "ssoEnabled" : "true", >>> "requireAllAttributes": "true", >>> "caseInsensitive": "false" >>> }, >>> "attributeReleasePolicy" : >>> { >>> "@class" : >>> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >>> "allowedAttributes" : >>> { >>> "@class" : "java.util.TreeMap", >>> "*id_attribute*" : "*codeNYP*" >>> } >>> }, >>> "authorizedToReleaseCredentialPassword" : "false", >>> "authorizedToReleaseProxyGrantingTicket" : "false", >>> "excludeDefaultAttributes" : "false", >>> "*principalIdAttribute*" : "*login_attribute*" >>> } >>> ****************************************************************** >>> In my cas.properties : >>> cas.authn.authentication-attribute-release-enabled=*true* >>> cas.authn.ldap[0].principal-attribute-list=*id_attribute* >>> >>> Maybe I forget something ? >>> >>> One other question : How could we know which protocol is used to do that >>> ? >>> The application accept CASv3, so I want to use CASv3, not SAML or other >>> .... >>> >>> Thank you >>> >>> -- >>> >>> >>> Ray Bon >>> Programmer Analyst >>> Development Services, University Systems >>> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >>> >>> I respectfully acknowledge that my place of work is located within the >>> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >>> WSÁNEĆ Nations. >>> >>> -- >>> >>> >>> Ray Bon >>> Programmer Analyst >>> Development Services, University Systems >>> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >>> >>> I respectfully acknowledge that my place of work is located within the >>> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >>> WSÁNEĆ Nations. >>> >>> -- >>> >>> Ray Bon >>> Programmer Analyst >>> Development Services, University Systems >>> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >>> >>> I respectfully acknowledge that my place of work is located within the >>> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >>> WSÁNEĆ Nations. >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0401584-5fa0-44b2-b400-829704856ccbn%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0401584-5fa0-44b2-b400-829704856ccbn%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1a88d286-b6a7-49b6-8c44-8e212f0c5cd7n%40apereo.org.
