I have CAS (7.x-1.2) / LDAP (7.x-1.0-beta12) and CAS Attributes configured to the point where I can log-into my Drupal site through CAS.
The issue I'm coming across is assigning a role to a CAS user using attributes from LDAP.
I was able to setup CAS Attribute Mappings fine using LDAP Tokens for username and email fields.
However, I haven't had any luck with Role Mapping. The system I'm working with doesn't seem to store any attributes (that I have access to) on its CAS Server, with everything being pulled from LDAP. The Role Mapping feature stresses that it only recognizes CAS attributes, and not token syntax.
Is there a setting/configuration/add-on module I should look into?
Comments
Comment #1
katrialesser CreditAttribution: katrialesser commentedI am using CAS to authenticate, and I'm pulling the email & name with CAS attributes, but I cannot figure out the syntax for Role Mapping.
- check which roles - do i check one?
- the example says 'department'
I have a CAS attribute of: [cas:attribute:activeparttimeinstructor]
so would I use: activeparttimeinstructor ?
If someone could provide an example of working syntax that would be SOOOOO helpful!
Thank you!
Comment #2
katrialesser CreditAttribution: katrialesser commentedHasn't anyone else wanted to use this & run into this problem?
Please, if anyone has an idea or knows how to do this / what to enter in...that would be so helpful..
Thanks!
Comment #3
Olarin CreditAttribution: Olarin commenteddelajed: Interesting point - if we can use LDAP attributes for other fields I don't see why we can't use them for roles as well; perhaps we should switch the Role Mapping section over to using token syntax.
girlwithquestions: My apologies for the delay in reply, but please try not to hijack threads - the original poster was referring specifically to trouble using LDAP attributes, not just how to get Role Mapping working in general. Please check out #1814654: add text to configuration page to explain how to get roles from attributes and provide some input on making the description text more helpful, and post follow up questions there. Meanwhile, I'll try to help you out here:
[cas:attribute:activeparttimeinstructor]
.If you have any other questions, please post them in #1814654: add text to configuration page to explain how to get roles from attributes. If you understand it perfectly now and have it working, then if you can, please help me improve the text in #1814654: add text to configuration page to explain how to get roles from attributes.
Comment #4
katrialesser CreditAttribution: katrialesser commentedSorry, I thought from "The issue I'm coming across is assigning a role to a CAS user using attributes from LDAP." we were asking the same question - how to get the CAS attributes to assign a role.
I'll go post on that other issue. thanks for responding! :)
Comment #5
Olarin CreditAttribution: Olarin commentedComment #6
bkosborneRelated: #2190967: Mapping roles from ldap attributes. Looks like token support has been added, but using LDAP tokens is still not supported for role mapping. I think it's appropriate to close this issue in favor of that one.
Comment #7
ellegonzalez CreditAttribution: ellegonzalez as a volunteer commentedI am using CAS to authenticate, and I'm pulling the email & name with CAS attributes, but I cannot figure out the syntax for Role Mapping. if we can use LDAP attributes for other fields I don't see why we can't use them for roles as well; perhaps we should switch the Role Mapping section over to using token syntax. For each checked role, if any of the attributes you specify contain that role, the user will get that role, and if they don't contain it, the user will lose that role
Thanks.
WP Hacked Help
We help remove malware from wordpress