我有CAS 3.5服务器,并根据此链接修改了deployerConfigContext.xml和casServiceValidationSuccess.jsp => LINK。在CAS调试日志中,我可以看到在那里创建了附加属性映射,并且还记录了属性值。
2012-10-21 18:29:34,556 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with credential: CN=mich@mycomp.com,CN=Users,DC=mygroup,DC=local>
2012-10-21 18:29:34,557 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler successfully authenticated [username: mich@mycomp.com]>
2012-10-21 18:29:34,560 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...>
2012-10-21 18:29:34,561 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [mich@mycomp.com]>
2012-10-21 18:29:34,562 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Created seed map='{username=[mich@mycomp.com]}' for uid='mich@mycomp.com'>
2012-10-21 18:29:34,564 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Adding attribute 'cn' with value '[mich@mycomp.com]' to query builder 'null'>
2012-10-21 18:29:34,565 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Generated query builder '(cn=mich@mycomp.com)' from query Map {username=[mich@mycomp.com]}.>
2012-10-21 18:29:34,678 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal mich@mycomp.com>
2012-10-21 18:29:34,678 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Principal found: mich@mycomp.com>
2012-10-21 18:29:34,681 DEBUG [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Attribute map for mich@mycomp.com: {Name=mich@mycomp.com, mem=[CN=WFC,OU=Applications,DC=mygroup,DC=local, CN=User Management,OU=Applications,DC=mygroup,DC=local, CN=Wshop,OU=Applications,DC=mygroup,DC=local], dName=Scott}>
但是,当我从PHP CAS Client访问“attributes”数组时,它返回一个空白数组。
<?php print_r(phpCAS::getAttributes());?>
给出一个空白数组。如果我对casServiceValidationSuccess.jsp中的任何内容进行硬编码,它会在数组中显示该属性,但值为null。
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<!-- Begin Ldap Attributes -->
<c:if test="${fn:length(assertion.chainedAuthentications) > 0}">
<cas:attributes>
<cas:mem>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes.mem)}</cas:mem>
</cas:attributes>
...
...
我错过了什么???
答案 0 :(得分:0)
我在CAS issue 655找到了答案。这是我的casServiceValidationSuccess.jsp最终看起来像:
<%@ page session="false" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
<%-- Added attributes in response--%>
<cas:attributes>
<c:forEach var="attr"
items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}"
varStatus="loopStatus" begin="0"
end="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes)-1}"
step="1">
<%-- Produce output exactly as CAS client code expects it: <cas:attrName>attrValue</cas:attrName> --%>
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>