Return More than User Name
Barrow Kwan
bhkwan at thoughtworks.com
Wed Aug 8 02:24:41 EDT 2007
so what I can do to access to this information with the
casGenericSuccess.jsp?
On Aug 7, 2007, at 8:47 PM, Scott Battaglia wrote:
> Barrow,
>
> You can't add that to casGenericSuccess.jsp, that's why. :-) The
> generic success page is the page you see when you've successfully
> authenticated (or come back after successfully authenticating) but
> have not supplied a service to gain access to.
>
> Authentication information is only available on the response pages
> when access to a service was requested (i.e. the validationSucess
> page).
>
> -Scott
>
> On 8/7/07, Barrow Kwan <bhkwan at thoughtworks.com> wrote:
> thanks Scott,
>
> i tried to add this
>
> ${fn:escapeXml(assertion.chainedAuthentications[fn:length
> (assertion.chainedAuthentications)-1].principal.id)}
>
> to casGenericSuccess.jsp but it didn't return anything.
>
> I think I missed something but not sure what :)
>
> thanks
>
>
> On Aug 7, 2007, at 12:06 PM, Scott Battaglia wrote:
>
>> Barrow,
>>
>> I've updated the web site to reflect the Subversion information.
>> Thanks for pointing that out.
>>
>> The PersonDirectory API javadocs should be up to date (according
>> to their title):
>> http://developer.ja-sig.org/projects/person-directory/apidocs/
>> index.html
>>
>> If you take a look at:
>> http://developer.ja-sig.org/source/browse/jasigsvn/cas3/trunk/cas-
>> server-webapp/src/main/webapp/WEB-INF/view/jsp/default/protocol/
>> 2.0/casServiceValidationSuccess.jsp?r=39553
>>
>> the thing to reference the principal is as follows:
>> assertion.chainedAuthentications[fn:length
>> (assertion.chainedAuthentications)-1].principal
>> (you can obviously place that in a variable using <c:set... />)
>>
>> Hope that helps.
>> -Scott
>>
>> On 8/6/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>> Thanks Scott. I took a quick look and this seems to be
>> straightforward.
>>
>> I have a few comments :
>> 1. on CAS website, it show us the CVS information. I didn't
>> realize that until you mention about Subversion. I have to do a
>> search on the Wiki site to find out the SVN location.
>> 2. the Personal Directory site seems out-of-date especially if I
>> use personal directory V1.
>>
>>
>> I think my question about accessing the attributes in the JSP is
>> not very clear, what I really mean is if principal is available
>> as a tag ( eg, I can reference principal in the JSP as $
>> (principal) throught the Spring Tag library ).
>>
>>
>> thanks
>>
>>
>>
>> On Aug 5, 2007, at 5:46 PM, Scott Battaglia wrote:
>>
>>> I just looked at the RC4 code and the
>>> UsernamePasswordCredentialsToPrincipalResolver should call the
>>> PersonDirectory to retrieve any attributes for that username.
>>> You wil need to configure an instance of PersonDirectory
>>>
>>> PersonDirectory documentation can be found here:
>>> http://developer.ja-sig.org/projects/person-directory/
>>> http://www.ja-sig.org/wiki/display/UPC/Person+Directory
>>>
>>> The first link is probably more up-to-date.
>>>
>>> -Scott
>>>
>>> On 8/5/07, Scott Battaglia < scott.battaglia at gmail.com> wrote:
>>> Barrow,
>>>
>>> You can either use one of the existing examples that utilizes the
>>> PersonDirectory project to retrieve attributes. Or, you can
>>> write a custom CredentialsToPrincipalResolver that will call
>>> PersonDirectory. I'm going to see if I can write one that does
>>> that for the 3.1 release.
>>>
>>> You should be able to access the attributes in the JSP page as
>>> you would any other JavaBean in principal.attributes["attribute"]
>>> where principal is the principal whos attribute you want to
>>> retrieve.
>>>
>>> If I get a new CredentialsToPrincipalResolver into Subversion I
>>> will let you know.
>>>
>>> -Scott
>>>
>>>
>>> On 8/5/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>>> I am still not sure how this works,
>>>
>>> ( PS: I am using CAS 3.1RC4 )
>>>
>>> 1. Principal:
>>> I have looked at UsernamePasswordCredentialsToPrincipalResolver
>>> as an example. It creates and return the Principal as
>>> ..
>>> return new SimplePrincipal(usernamePasswordCredentials.getUsername
>>> ());
>>> ..
>>>
>>> So, do I need to create the "attributes" map and pass to the
>>> Principal's constructor?
>>>
>>> eg
>>> return new MyComplexPrincipal
>>> (usernamePasswordCrednetials.getUsername(),
>>> myAttributesMapWithAdditionalStuff );
>>>
>>> myAttributesMapWithAdditionalStuff is my Map that contain
>>> informations like email, first/last name ,etc...
>>>
>>>
>>>
>>>
>>> 2. I am trying to customize casGenericSuccess.jsp, how do I
>>> retrieve information from MyComplexPrincipal?
>>>
>>>
>>>
>>> Thanks
>>>
>>>
>>>
>>> On Aug 2, 2007, at 5:56 AM, Scott Battaglia wrote:
>>>
>>>> In the latest CAS release, the Principal has a new property
>>>> called "attributes" which is map. There are implementations
>>>> that obtain attributes from the JA-SIG PersonDirectory API and
>>>> populate that map. CAS 3.1 will return those attributes via the
>>>> SAML response (though you'll need to use it in conjunction with
>>>> the Services Management tool to "release" the attributes to the
>>>> client applications).
>>>>
>>>> In Subversion, there should be a SAMLTicketValidator that will
>>>> parse the SAML response. Note that its not 100% compatible with
>>>> the current CAS Server release because the protocol states that
>>>> the artifact resolution request should come over SOAP (the
>>>> TicketValidator in HEAD merely sends it as a HTTP Request
>>>> parameter). Its not a very difficult change to make though. I
>>>> just haven't had time yet.
>>>>
>>>> -Scott
>>>>
>>>> On 8/1/07, Barrow Kwan < bhkwan at thoughtworks.com> wrote:
>>>> this question was asked back to april and Scott said :
>>>>
>>>> You just need to create a CredentialsToPrincipalResolver that
>>>> returns
>>>> attributes and then use the /samlValidate url instead of /
>>>> serviceValidate
>>>> (and an appropriate TicketValidator). The CAS Client for Java
>>>> 3.1-m1 has a
>>>> SamlTicketValidator you can use as an example.
>>>>
>>>> -Scott
>>>>
>>>>
>>>> I still stuck with the Saml, did someone has a working example
>>>> we can reference?
>>>>
>>>>
>>>> thanks
>>>>
>>>>
>>>>
>>>> Barrow Kwan
>>>> ThoughtWorks Inc
>>>> 410 Townsend St, 4th Floor
>>>> San Francisco, CA 94107
>>>> USA
>>>> (415)869-3103
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Yale CAS mailing list
>>>> cas at tp.its.yale.edu
>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> -Scott Battaglia
>>>>
>>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>> _______________________________________________
>>>> Yale CAS mailing list
>>>> cas at tp.its.yale.edu
>>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>> Barrow Kwan
>>> ThoughtWorks Inc
>>> 410 Townsend St, 4th Floor
>>> San Francisco, CA 94107
>>> USA
>>> (415)869-3103
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>>
>>>
>>>
>>>
>>>
>>> --
>>> -Scott Battaglia
>>>
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>>
>>>
>>>
>>> --
>>> -Scott Battaglia
>>>
>>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>>> _______________________________________________
>>> Yale CAS mailing list
>>> cas at tp.its.yale.edu
>>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>> Barrow Kwan
>> ThoughtWorks Inc
>> 410 Townsend St, 4th Floor
>> San Francisco, CA 94107
>> USA
>> (415)869-3103
>>
>>
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>>
>>
>>
>> --
>> -Scott Battaglia
>>
>> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>
> Barrow Kwan
> ThoughtWorks Inc
> 410 Townsend St, 4th Floor
> San Francisco, CA 94107
> USA
> (415)869-3103
>
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
Barrow Kwan
ThoughtWorks Inc
410 Townsend St, 4th Floor
San Francisco, CA 94107
USA
(415)869-3103
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070807/40b96360/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2407 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20070807/40b96360/attachment.bin
More information about the cas
mailing list