Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id D4A88200AF6 for ; Sat, 28 May 2016 02:56:23 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id D3F15160A37; Sat, 28 May 2016 00:56:23 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 27408160A12 for ; Sat, 28 May 2016 02:56:23 +0200 (CEST) Received: (qmail 2978 invoked by uid 500); 28 May 2016 00:56:22 -0000 Mailing-List: contact dev-help@shiro.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@shiro.apache.org Delivered-To: mailing list dev@shiro.apache.org Received: (qmail 2964 invoked by uid 99); 28 May 2016 00:56:21 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 28 May 2016 00:56:21 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 8C9A21A0CEA for ; Sat, 28 May 2016 00:56:21 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.529 X-Spam-Level: * X-Spam-Status: No, score=1.529 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, HTML_MESSAGE=2, KAM_UNSUB1=0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id jFiZB509IQbk for ; Sat, 28 May 2016 00:56:19 +0000 (UTC) Received: from mail-oi0-f45.google.com (mail-oi0-f45.google.com [209.85.218.45]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 2E0E85F23D for ; Sat, 28 May 2016 00:56:19 +0000 (UTC) Received: by mail-oi0-f45.google.com with SMTP id w184so191331387oiw.2 for ; Fri, 27 May 2016 17:56:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to; bh=UPSpb1p1QVY+D8WOA0p59mmRoG+P+HV1tf2trwUmCN8=; b=mcOOpzoLLZyzRqZ9TaUO4Nkj/WKUG7dXwV2ZhvWxBMtBR1k55FZ3nVg1S2VoANvkNt FdPMH/vT7GR3QfwQxofWu+6WGlw9BKGazauAIgYp9llwJvntXjBQmC1QbUG0XzBEu0UX W5i7NeN3G5s7BPHDIZJotxOtBP8EdYJ9vraElRWjiQGve9FM3fRt5u8nKefAcdR/zjWa 4bv4V4ar9/7AqoB2kfV4JcUSaHzL9ciB/KUXEcB6U+w68is7zr9YybLhKu14Y3sxkegM xtU/UfNFnrDg13n8gJdVEky7UomWfX9PubzD6UlWI0o5w9zyiEq+FwjAHImMkRPN3RbR rYPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to; bh=UPSpb1p1QVY+D8WOA0p59mmRoG+P+HV1tf2trwUmCN8=; b=LCxIox8PfHMsVI2ALN1J4unZI9acp/IAhNIsIB5BgPKVFxrgKWpwSX7znNn8hkTd/l mKQjFMH7crXT5jPnqHUY+cG1kgEKCUYg/sgUQYBog2SCU9eLGwhBxj7vmwqpmKmO+on4 BZ5okO7VNJlJG++/vBlOsBvPdOeR/iQ42vCckIH3oAgHNnHdQUTmT+yZUFWgUN+AyPTi CaxdI5yuEX6n+oLrU/Wz5q2uO1PYtqBicmz93QKVK5+z3aBeQmrcTtwNImhM3Ih9N3cH xXZJyk37QOcKqlvDvoeFjgP0BEkHEx1nw/eefhFJQbs1woThkdgJ7wZwyZS89iIGZeCe ExkQ== X-Gm-Message-State: ALyK8tKgHRZDG2bGMq7Luc/XigRRDsTTLgE3GCNZbYi98idFgOfVpoWdFY0Qh/QpAQg9paNBt/Pf/49Cos7xig== MIME-Version: 1.0 X-Received: by 10.157.3.143 with SMTP id f15mr12021877otf.95.1464396972250; Fri, 27 May 2016 17:56:12 -0700 (PDT) Received: by 10.157.5.37 with HTTP; Fri, 27 May 2016 17:56:12 -0700 (PDT) In-Reply-To: References: Date: Sat, 28 May 2016 10:56:12 +1000 Message-ID: Subject: Re: [jira] [Updated] (SHIRO-442) CAS client fails with multi-valued SAML attributes From: Alex White To: dev@shiro.apache.org Content-Type: multipart/alternative; boundary=94eb2c03b022575ea90533dc7d42 archived-at: Sat, 28 May 2016 00:56:24 -0000 --94eb2c03b022575ea90533dc7d42 Content-Type: text/plain; charset=UTF-8 unsubscribe On Thu, Jul 9, 2015 at 5:54 AM, Kalle Korhonen (JIRA) wrote: > > [ > https://issues.apache.org/jira/browse/SHIRO-442?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel > ] > > Kalle Korhonen updated SHIRO-442: > --------------------------------- > Fix Version/s: (was: 1.2.3) > 1.2.4 > > > CAS client fails with multi-valued SAML attributes > > -------------------------------------------------- > > > > Key: SHIRO-442 > > URL: https://issues.apache.org/jira/browse/SHIRO-442 > > Project: Shiro > > Issue Type: Bug > > Components: Authorization (access control) > > Affects Versions: 1.2.1 > > Reporter: Art O Cathain > > Fix For: 2.0.0, 1.2.4 > > > > Attachments: shiro-cas-saml.patch > > > > > > When using org.apache.shiro.cas.CasRealm, if the SAML returned by CAS > contains multiple attributes of the same name (e.g. roles?), CasRealm blows > up in doGetAuthorizationInfo > > String value = attributes.get(attributeName); > > with > > java.lang.ClassCastException: java.util.ArrayList cannot be cast to > java.lang.String > > This is because the > org.jasig.cas.client.validation.Saml11TicketValidator is populating the > attributes in the > > principal as follows: > > personAttributes.put(samlAttribute.getName(), values.size() == 1 ? > values.get(0) : values); > > See attached patch for a fix > > > > -- > This message was sent by Atlassian JIRA > (v6.3.4#6332) > --94eb2c03b022575ea90533dc7d42--