shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel M." <dan4bear-t...@yahoo.com.INVALID>
Subject Re: [jira] [Commented] (SHIRO-442) CAS client fails with multi-valued SAML attributes
Date Wed, 29 Jun 2016 21:52:16 GMT

Sent to your google account.
    On Wednesday, June 29, 2016 5:27 PM, Brian Demers <brian.demers@gmail.com> wrote:
 

 Ideally we would need an easy way of setting up the supported scenarios for
testing. Ideally integration tests and samples for manual testing, either
in Shiro or github.com/apereo

On Wed, Jun 29, 2016 at 1:55 PM, Daniel M. <dan4bear-tech@yahoo.com.invalid>
wrote:

> OK, I was able to install and configure a simple cas server.I can provide
> the jar and instructions (email me privately) or I can enable a user so you
> can test the patch.I would guess that you need continuous testing so maybe
> a local installation would work out best for you.
>
> Let me know what your preference would be.
>
>    On Wednesday, June 29, 2016 12:49 PM, Brian Demers (JIRA) <
> jira@apache.org> wrote:
>
>
>
>    [
> https://issues.apache.org/jira/browse/SHIRO-442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15355474#comment-15355474
> ]
>
> Brian Demers commented on SHIRO-442:
> ------------------------------------
>
> [~jleleu] can you point me to an example we can use to derive some tests
> from?
>
> I tried to spin up a CAS server and tried to enable the SAML config for
> some manual testing via :
> https://wiki.jasig.org/display/CASUM/SAML+Support+in+CAS+4
> but the config in the example doesn't seem to line up with the config from
> the overlay template.
>
> > CAS client fails with multi-valued SAML attributes
> > --------------------------------------------------
> >
> >                Key: SHIRO-442
> >                URL: https://issues.apache.org/jira/browse/SHIRO-442
> >            Project: Shiro
> >          Issue Type: Bug
> >          Components: Authorization (access control)
> >    Affects Versions: 1.2.1
> >            Reporter: Art O Cathain
> >              Labels: patch
> >            Fix For: 1.3.0
> >
> >        Attachments: shiro-cas-saml.patch
> >
> >
> > When using org.apache.shiro.cas.CasRealm, if the SAML returned by CAS
> contains multiple attributes of the same name (e.g. roles?), CasRealm blows
> up in doGetAuthorizationInfo
> > String value = attributes.get(attributeName);
> >  with
> > java.lang.ClassCastException: java.util.ArrayList cannot be cast to
> java.lang.String
> > This is because the
> org.jasig.cas.client.validation.Saml11TicketValidator is populating the
> attributes in the
> > principal as follows:
> > personAttributes.put(samlAttribute.getName(), values.size() == 1 ?
> values.get(0) : values);
> > See attached patch for a fix
>
>
>
> --
> This message was sent by Atlassian JIRA
> (v6.3.4#6332)
>
>
>
>


  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message