Fatal编程技术网
  • php/
  • Php CAS 3.5不返回附加属性

Php CAS 3.5不返回附加属性

php

Php CAS 3.5不返回附加属性,php,attributes,cas,Php,Attributes,Cas,我有CAS 3.5服务器,并根据此链接=>修改了deployerConfigContext.xml和casServiceValidationSuccess.jsp。在CAS调试日志中,我可以看到在那里创建了附加属性映射,并且还记录了属性值 2012-10-21 18:29:34,556 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with cred

我有CAS 3.5服务器,并根据此链接=>修改了deployerConfigContext.xml和casServiceValidationSuccess.jsp。在CAS调试日志中,我可以看到在那里创建了附加属性映射,并且还记录了属性值

2012-10-21 18:29:34,556 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - <Performing LDAP bind with credential: CN=mich@mycomp.com,CN=Users,DC=mygroup,DC=local>
2012-10-21 18:29:34,557 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler successfully authenticated [username: mich@mycomp.com]>
2012-10-21 18:29:34,560 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Attempting to resolve a principal...>
2012-10-21 18:29:34,561 DEBUG [org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver] - <Creating SimplePrincipal for [mich@mycomp.com]>
2012-10-21 18:29:34,562 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Created seed map='{username=[mich@mycomp.com]}' for uid='mich@mycomp.com'>
2012-10-21 18:29:34,564 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Adding attribute 'cn' with value '[mich@mycomp.com]' to query builder 'null'>
2012-10-21 18:29:34,565 DEBUG [org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao] - <Generated query builder '(cn=mich@mycomp.com)' from query Map {username=[mich@mycomp.com]}.>
2012-10-21 18:29:34,678 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Resolved principal mich@mycomp.com>
2012-10-21 18:29:34,678 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Principal found: mich@mycomp.com>
2012-10-21 18:29:34,681 DEBUG [org.jasig.cas.authentication.AuthenticationManagerImpl] - <Attribute map for mich@mycomp.com: {Name=mich@mycomp.com, mem=[CN=WFC,OU=Applications,DC=mygroup,DC=local, CN=User Management,OU=Applications,DC=mygroup,DC=local, CN=Wshop,OU=Applications,DC=mygroup,DC=local], dName=Scott}>
但是,当我从PHP CAS客户端访问attributes数组时,它返回一个空白数组

<?php print_r(phpCAS::getAttributes());?>
给出一个空白数组。如果我在casServiceValidationSuccess.jsp中硬编码任何东西,它会在数组中显示属性,但值为null

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
    <!-- Begin Ldap Attributes -->
    <c:if test="${fn:length(assertion.chainedAuthentications) > 0}">
    <cas:attributes>
    <cas:mem>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes.mem)}</cas:mem>
    </cas:attributes>
...
...
我遗漏了什么吗?

我找到了答案。以下是我的casServiceValidationSuccess.jsp最终的样子:

<%@ page session="false" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>

    <%-- Added attributes in response--%>
    <cas:attributes>
      <c:forEach var="attr"
                 items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}"
                 varStatus="loopStatus" begin="0"
                 end="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes)-1}"
                 step="1">
        <%-- Produce output exactly as CAS client code expects it: <cas:attrName>attrValue</cas:attrName> --%>
        <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
      </c:forEach>
    </cas:attributes>
<c:if test="${not empty pgtIou}">
        <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
        <cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
            <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
        </cas:proxies>
</c:if>
    </cas:authenticationSuccess>
</cas:serviceResponse>
我在某处读到,我试图用CAS保护的服务URL必须位于SSL上,并且应该具有有效的证书,只有这样,CAS才会在回调响应中返回属性映射。。这是真的吗?