[cas-dev] Custom Attribute Resolver.. help needed.

Sean R. McNamara sean.r.mcnamara at Dartmouth.EDU
Thu May 22 11:56:41 EDT 2008 

Hi Scott,

Regarding 1. we're using a custom principal object called 
DartmouthPrincipal, to be honest, I don't see any reference to 
AttributePrincipal in the source..  could you be a little more specific?

I'll look into the DefaultServicesManager..  that could very well be my 
issue.  

Thanks..

..Sean.

Scott Battaglia wrote:
> Sean,
>
> Two questions/comments:
>
> 1. Are you using the AttributePrincipal?  My guess is you are. If not, 
> you should be ;-)
>
> 2. The attributes release is dependent on the services management 
> tool. We've actually built a way to use it without using it (if that 
> made sense).  If you don't want to register all of your services in 
> the tool, then you can configure in the XML configuration the default 
> attributes that get passed back (since everything matches the default 
> service if you have none configured).  Take a look at the Javadoc for 
> the DefaultServicesManager.  I believe the constructor takes a list of 
> Strings (which would be the attribute names)
>
> -Scott
>
> On Thu, May 22, 2008 at 11:29 AM, Sean R. McNamara 
> <sean.r.mcnamara at dartmouth.edu <mailto:sean.r.mcnamara at dartmouth.edu>> 
> wrote:
>
>     Hi all,
>
>     I'm working to develop a custom attribute resolver, and am more or
>     less
>     following the model given by
>     CredentialsToLDAPAttributePrincipalResolver.java.
>
>
>     I've built a custom Credentials -> Principal resolver,
>     CredentialsToDNDFieldPrincipalResolver
>     a custom PersonAttributeDao, DNDPersonAttributeDao,
>
>     and have configured the deployerConfigContext.xml as follows:
>
>                    [.....]
>                    <property name="credentialsToPrincipalResolvers">
>                            <list>
>                                    <bean
>
>     class="org.jasig.cas.authentication.principal.CredentialsToDNDFieldPrincipalResolver">
>                                            <!-- The Principal resolver
>     form
>     the credentials -->
>                                            <property
>     name="credentialsToPrincipalResolver">
>                                                    <bean
>     class="edu.dartmouth.cas.authentication.principal.DartmouthUsernamePasswordCredentialsToPrincipalResolver"
>     />
>
>                                            </property>
>                                            <!-- The query made to find the
>     Principal ID. "%u" will be replaced by the resolved Principal -->
>                                            <property name="filter"
>     value="%u" />
>
>                                            <!-- The attribute used to
>     define the new Principal ID -->
>
>                                            <property
>     name="principalAttributeName" value="name" />
>
>                                            <property
>     name="attributeRepository">
>                                                    <ref
>     bean="attributeRepository" />
>                                            </property>
>
>                                    </bean>
>                    [.....]
>
>            <bean id="attributeRepository"
>
>     class="org.jasig.services.persondir.support.dnd.DNDPersonAttributeDao">
>                    <property name="fieldsToAttributes">
>                            <map>
>                                    <entry key="lastname"
>     value="lastname" />
>                                    <entry key="firstname"
>     value="firstname" />
>                                    <entry key="name" value="name" />
>                            </map>
>                    </property>
>            </bean>
>
>
>
>     The code compiles, and according to some debug I've inserted into the
>     code, successfully builds the Principal and populates the attributes,
>     however, in casServiceValidationSuccess.jsp, when I attempt to access
>     the attributeMap as follows:
>
>     /<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id
>     <http://principal.id>)}</cas:user>/
>     <c:forEach var="auth" items="${assertion.chainedAuthentications}">
>     <c:forEach var="attr" items="${auth.principal.attributes}" >
>     <cas:attribute name="${fn:escapeXml(attr.key)}"
>     value="${fn:escapeXml(attr.value)}"/>
>     </c:forEach>
>     </c:forEach>
>
>     I only see the <cas:user>...</cas:user> data in my response.    I
>     verified I'm modifying the correct .jsp, so, I know that's not an
>     issue.
>
>
>     I'd appreciate any assistance anyone could offer.  I'm a little
>     stumped
>     at this point.     One thing I haven't done and I'm not clear
>     whether or
>     not is a necessary step to get this to work, is to enable the Services
>     support (http://www.ja-sig.org/wiki/display/CASUM/Configuring) or
>     whether that's irrelevant unless I'm looking to use the whitelisting
>     features..
>
>     Thanks for  your help..
>
>     ..Sean.
>
>     _______________________________________________
>     cas-dev mailing list
>     cas-dev at tp.its.yale.edu <mailto:cas-dev at tp.its.yale.edu>
>     http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
>
>
> -- 
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> ------------------------------------------------------------------------
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>

More information about the cas-dev mailing list