Return More than User Name

Barrow Kwan bhkwan at thoughtworks.com
Tue Aug 7 18:35:16 EDT 2007 

thanks Scott,

i tried to add this

${fn:escapeXml(assertion.chainedAuthentications[fn:length 
(assertion.chainedAuthentications)-1].principal.id)}

to casGenericSuccess.jsp but it didn't return anything.

I think I missed something but not sure what :)

thanks


On Aug 7, 2007, at 12:06 PM, Scott Battaglia wrote:

> Barrow,
>
> I've updated the web site to reflect the Subversion information.   
> Thanks for pointing that out.
>
> The PersonDirectory API javadocs should be up to date (according to  
> their title):
> http://developer.ja-sig.org/projects/person-directory/apidocs/ 
> index.html
>
> If you take a look at:
> http://developer.ja-sig.org/source/browse/jasigsvn/cas3/trunk/cas- 
> server-webapp/src/main/webapp/WEB-INF/view/jsp/default/protocol/2.0/ 
> casServiceValidationSuccess.jsp?r=39553
>
> the thing to reference the principal is as follows:
> assertion.chainedAuthentications[fn:length 
> (assertion.chainedAuthentications)-1].principal
> (you can obviously place that in a variable using <c:set... />)
>
> Hope that helps.
> -Scott
>
> On 8/6/07, Barrow Kwan <bhkwan at thoughtworks.com> wrote:
> Thanks Scott.  I took a quick look and this seems to be  
> straightforward.
>
> I have a few comments :
> 1. on CAS website, it show us the CVS information.  I didn't  
> realize that until you mention about Subversion.  I have to do a  
> search on the Wiki site to find out the SVN location.
> 2. the Personal Directory site seems out-of-date especially if I  
> use personal directory V1.
>
>
> I think my question about accessing the attributes in the JSP is  
> not very clear, what I really mean is if  principal is available as  
> a tag ( eg,  I can reference principal in the JSP as $(principal)  
> throught the Spring Tag library ).
>
>
> thanks
>
>
>
> On Aug 5, 2007, at 5:46 PM, Scott Battaglia wrote:
>
>> I just looked at the RC4 code and the  
>> UsernamePasswordCredentialsToPrincipalResolver should call the  
>> PersonDirectory to retrieve any attributes for that username.  You  
>> wil need to configure an instance of PersonDirectory
>>
>> PersonDirectory documentation can be found here:
>> http://developer.ja-sig.org/projects/person-directory/
>> http://www.ja-sig.org/wiki/display/UPC/Person+Directory
>>
>> The first link is probably more up-to-date.
>>
>> -Scott
>>
>> On 8/5/07, Scott Battaglia < scott.battaglia at gmail.com> wrote:
>> Barrow,
>>
>> You can either use one of the existing examples that utilizes the  
>> PersonDirectory project to retrieve attributes.  Or, you can write  
>> a custom CredentialsToPrincipalResolver that will call  
>> PersonDirectory.  I'm going to see if I can write one that does  
>> that for the 3.1 release.
>>
>> You should be able to access the attributes in the JSP page as you  
>> would any other JavaBean in principal.attributes["attribute"]  
>> where principal is the principal whos attribute you want to retrieve.
>>
>> If I get a new CredentialsToPrincipalResolver into Subversion I  
>> will let you know.
>>
>> -Scott
>>
>>
>> On 8/5/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>> I am still not sure how this works,
>>
>> ( PS: I am using CAS 3.1RC4 )
>>
>> 1. Principal:
>> 	I have looked at UsernamePasswordCredentialsToPrincipalResolver  
>> as an example.  It creates and return the Principal as
>> ..
>> return new SimplePrincipal(usernamePasswordCredentials.getUsername 
>> ());
>> ..
>>
>> 	So, do I need to create the "attributes" map and pass to the  
>> Principal's constructor?
>>
>> eg
>> return new  MyComplexPrincipal 
>> (usernamePasswordCrednetials.getUsername(),  
>> myAttributesMapWithAdditionalStuff );
>>
>> myAttributesMapWithAdditionalStuff is my Map that contain  
>> informations like email, first/last name ,etc...
>>
>>
>>
>>
>> 2. I am trying to customize casGenericSuccess.jsp, how do I  
>> retrieve information from MyComplexPrincipal?
>>
>>
>>
>> Thanks
>>
>>
>>
>> On Aug 2, 2007, at 5:56 AM, Scott Battaglia wrote:
>>
>>> In the latest CAS release, the Principal has a new property  
>>> called "attributes" which is map.  There are implementations that  
>>> obtain attributes from the JA-SIG PersonDirectory API and  
>>> populate that map.  CAS 3.1 will return those attributes via the  
>>> SAML response (though you'll need to use it in conjunction with  
>>> the Services Management tool to "release" the attributes to the  
>>> client applications).
>>>
>>> In Subversion, there should be a SAMLTicketValidator that will  
>>> parse the SAML response.  Note that its not 100% compatible with  
>>> the current CAS Server release because the protocol states that  
>>> the artifact resolution request should come over SOAP (the  
>>> TicketValidator in HEAD merely sends it as a HTTP Request  
>>> parameter).  Its not a very difficult change to make though.  I  
>>> just haven't had time yet.
>>>
>>> -Scott
>>>
>>> On 8/1/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>>> this question was asked back to april and Scott said :
>>>
>>> You just need to create a CredentialsToPrincipalResolver that  
>>> returns
>>> attributes and then use the /samlValidate url instead of / 
>>> serviceValidate
>>> (and an appropriate TicketValidator).  The CAS Client for Java  
>>> 3.1-m1 has a
>>> SamlTicketValidator you can use as an example.
>>>
>>> -Scott
>>>
>>>
>>> I still stuck with the  Saml, did someone has a working example  
>>> we can reference?
>>>
>>>
>>> thanks
>>>
>>>
>>>
>>> Barrow Kwan
>>> ThoughtWorks Inc
>>> 410 Townsend St, 4th Floor
>>> San Francisco, CA 94107
>>> USA
>>> (415)869-3103
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>>
>>>
>>>
>>> -- 
>>> -Scott Battaglia
>>>
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>> Barrow Kwan
>> ThoughtWorks Inc
>> 410 Townsend St, 4th Floor
>> San Francisco, CA 94107
>> USA
>> (415)869-3103
>>
>>
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>>
>>
>>
>> -- 
>> -Scott Battaglia
>>
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>
>>
>>
>> -- 
>> -Scott Battaglia
>>
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>
> Barrow Kwan
> ThoughtWorks Inc
> 410 Townsend St, 4th Floor
> San Francisco, CA 94107
> USA
> (415)869-3103
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
>
> -- 
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas

Barrow Kwan
ThoughtWorks Inc
410 Townsend St, 4th Floor
San Francisco, CA 94107
USA
(415)869-3103



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070807/b82df2a1/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2407 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20070807/b82df2a1/attachment-0001.bin

More information about the cas mailing list