Hello, something similar is happening to me.
In cas apereo v6.6.15 and pac4j v5.4.6, I am trying to log in to Google and
Facebook through an endopoint.
In the json I have the following:
{
"@class": "org.apereo.cas.services.CasRegisteredService",
"serviceId": ...,
"name": ...,
"id": ...,
"evaluationOrder": 1,
"description": "CAS SSO V6.6.15",
"theme": "Theme",
"accessStrategy": {
"@class":
"org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy",
"enabled": true,
"ssoEnabled": true
},
"properties": {
"@class": "java.util.HashMap",
"httpHeaderEnableXFrameOptions": {
"@class": "org.apereo.cas.services.DefaultRegisteredServiceProperty",
"values": [
"java.util.HashSet",
[
"true"
]
]
}
},
"attributeReleasePolicy": {
"@class": "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"principalIdAttribute": "email",
"allowedAttributes": [
"java.util.ArrayList",
[
"email",
"name",
"first_name",
"last_name",
"given_name",
"family_name"
]
]
},
"singleSignOnParticipationPolicy": {
"@class":
"org.apereo.cas.services.ChainingRegisteredServiceSingleSignOnParticipationPolicy",
"createCookieOnRenewedAuthentication": "TRUE",
"policies": [
"java.util.ArrayList",
[
{
"@class":
"org.apereo.cas.services.AuthenticationDateRegisteredServiceSingleSignOnParticipationPolicy",
"timeUnit": "SECONDS",
"timeValue": 2592000,
"order": 0
}
]
]
}
}
and when trying to validate the ticket in /validate endpoint the answer
is: yes, numerical ID and what I need is that it be the email and not an ID.
I am using pac4j for delegated auth and in cas.propertie I have tried the
following configurations:
cas.authn.attribute.release.enabled=true
cas.authn.authentication-attribute-release.enabled=true
cas.authn.pac4j.saml[].principal-id-attribute: email
as.authn.jaas[].principal.use-existing-principal-id: email
but none of them manage to get the ticket quality to respond with the email.
Well, I appreciate any help.
El viernes, 15 de marzo de 2019 a las 0:26:24 UTC-3, Andy Ng escribió:
> Hello,
>
> What version of CAS are you in? If you are in CAS > 5.3.9 (or the latest
> CAS 6.x), since Pac4j is updated to 3.6.1:
>
> You should see that *emails *is no longer there and there is an *email
> *attribute
> instead (which is in plain string)
>
> So you can get that very easily, no need to decode handle Google2Email.
>
>
> See if the above helps you
>
> Cheers!
> - Andy
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5e1854f-f12c-4beb-aeb3-587bcfa426d1n%40apereo.org.
