I read this article CAS SSO With Spring Security and run successfully the source code, but this client only get username, I hope my client need more fields from CAS server.
In my previous CAS client using traditional SpringMVC, I can get all fileds including username, phoneNo, password and email. The main steps as follows: In CAS server's file WEB-INF/classes/services/Apereo-10000002.json, I added an option:
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
}
In client, I used getUserPrincipal
as follows
@RequestMapping("/cas/login.do")
@ResponseBody
public String casLogin(String uri,
HttpServletRequest request,...){
...
Principal principal = request.getUserPrincipal();
Map<String,Object> userInfo = new HashMap<>();
if (p instanceof AttributePrincipal) {
userInfo =( (AttributePrincipal)principal).getAttributes();
}
System.err.println("image:"+userInfo.get("image"));
System.err.println("username:"+userInfo.get("username"));
System.err.println("email:"+userInfo.get("email"));
System.err.println("phoneNo:"+userInfo.get("phoneNo"));
...
}
Now I want to implement a CAS client based on spring boot + spring security
as the above article described. But based the articles code, what should I do? Thanks in advance!
this client only get username, I hope my client need more fields from CAS server
You need to make sure your client is hitting the right endpoint for validation. Based on the notes here:
If your client application is not receiving attributes, you will need to make sure:
- The client is using a version of CAS protocol that is able to release attributes.
- The client, predicated on #1, is hitting the appropriate endpoint for service ticket validation (i.e.
/p3/serviceValidate
).- The CAS server itself is resolving and retrieving attributes correctly.
- The CAS server is authorized to release attributes to that particular client application inside its service registry.