问题描述

我无法将属性获取到CAS客户端。
我做了一些研究，试图找出如何将属性转发给CAS客户。

I can't get the attributes to the CAS client.I did some research and try to find out how to forward attributes to a CAS client.

在 cas.properties 中，我设置为：

 cas.principal.resolver.persondir.return.null=false

我添加了这种依赖性：

    <dependency>
        <groupId>org.apache.commons</groupId>
        <artifactId>commons-collections4</artifactId>
        <version>4.1</version>
    </dependency>

这是我的 servicesRegistry.conf ：

{
    "services":[
        {
            "id":1,
            "serviceId":"https://localhost:8743/**",
            "name":"HELLO_WORLD",
            "description":"WEBAPP FOR TESTS",
            "theme":"my_example_webapp",
            "allowedToProxy":true,
            "enabled":true,
            "ssoEnabled":true,
            "anonymousAccess":false,
            "evaluationOrder":1,
            "attributeReleasePolicy" : {
                "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy",
                "principalAttributesRepository" : {
                    "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository"
                },
                "allowedAttributes" : [ "java.util.ArrayList", [ "cn", "description", "telephoneNumber" ] ]
            }
        },

        {
            "id":2,
            "serviceId":"https://yahoo.com",
            "name":"YAHOO",
            "description":"Test service with exact match on its serviceId and optional extra attributes",
            "extraAttributes":{
                "someCustomAttribute":"Custom attribute value"
            },
            "evaluationOrder":2
        }
    ]
}

我的 ldapAuthenticationHandler 看起来像这样：

<bean id="ldapAuthenticationHandler"
        class="org.jasig.cas.authentication.LdapAuthenticationHandler"
              p:principalIdAttribute="cn"
              c:authenticator-ref="authenticator">
            <property name="principalAttributeMap">
                <map>
                    <entry key="cn" value="cn" />
                    <entry key="description" value="description" />
                    <entry key="telephoneNumber" value="telephoneNumber" />
                </map>
            </property>
    </bean>

和我的 authenticationHandlersResolvers 一样：

<util:map id="authenticationHandlersResolvers">
    <entry key-ref="ldapAuthenticationHandler" value="#{null}" />
</util:map>

这是我的 attributeRepository ：

<bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
          p:backingMap-ref="attrRepoBackingMap" />

<util:map id="attrRepoBackingMap">
        <entry key="cn" value="cn" />
        <entry key="description" value="description" />
        <entry key="telephoneNumber" value="telephoneNumber" />
        <entry>
            <key><value>memberOf</value></key>
            <list>
                <value>faculty</value>
                <value>staff</value>
                <value>org</value>
            </list>
        </entry>
    </util:map>

在客户端，我这样做（不带 null的编辑版本/ code>检查等）

And at the client side I do this (edited version with out null check etc):

AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();
final Map attributes = principal.getAttributes();
Iterator attributeNames = attributes.keySet().iterator();
String attributeName = (String) attributeNames.next();

但是，我没有任何属性。我想念什么？

However, I don't get any attributes. What am I missing?

编辑：

我在另一个线程中读到我必须将 Cas20ProxyReceivingTicketValidationFilter 更改为 Cas30ProxyReceivingTicketValidationFilter ，但这没有任何改变：

I read in another thread that I have to change Cas20ProxyReceivingTicketValidationFilterto Cas30ProxyReceivingTicketValidationFilter, but that didn't change anything:

<filter>
        <filter-name>CAS Validation Filter</filter-name>
            <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>

        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://localhost:8943/cas</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>https://localhost:8743</param-value>
        </init-param>
        <init-param>
            <param-name>redirectAfterValidation</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>useSession</param-name>
            <param-value>true</param-value>
        </init-param>
    </filter>

推荐答案

我的问题是 servicesRegistry .conf 。由于某些原因，它无法正常工作，我不知道为什么。

My problem was the servicesRegistry.conf. It didn't work for some reason and I couldn't figure out why.

如果使用 servicesRegistry.conf 文件时遇到问题，建议您在 deployerConfigContext.xml ：

If you have problem using the servicesRegistry.conf file, I recommend you use this inside your deployerConfigContext.xml:

<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
        <property name="registeredServices">
            <list>
                <bean class="org.jasig.cas.services.RegexRegisteredService"
                      p:id="5" p:name="https.all" p:description="Allow HTTPS connection"
                      p:serviceId="^https://.*" p:evaluationOrder="5"  >

                    <property name="attributeReleasePolicy">
                        <bean class="org.jasig.cas.services.ReturnAllAttributeReleasePolicy" />
                    </property>
                </bean>
            </list>
        </property>
    </bean>

这将允许所有具有适合正则表达式URL的服务 ^ https ：//.* 。

This will allow all services that have an URL that fits the regex ^https://.*.