diff --git a/src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.php b/src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.php index 61bcdbeb9fe9d..6223eab75baf3 100644 --- a/src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.php +++ b/src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.php @@ -50,7 +50,23 @@ public function getUserBadgeFrom(string $accessToken): UserBadge $xml = new \SimpleXMLElement($response->getContent(), 0, false, $this->prefix, true); if (isset($xml->authenticationSuccess)) { - return new UserBadge((string) $xml->authenticationSuccess->user); + $userIdentifier = (string) $xml->authenticationSuccess->user; + $attributes = []; + if (isset($xml->authenticationSuccess->attributes)) { + // Extract all attributes without using namespace + foreach ($xml->authenticationSuccess->attributes->children($this->prefix, true) as $child) { + $key = $child->getName(); + if (isset($attributes[$key])) { + if (!\is_array($attributes[$key])) { + $attributes[$key] = [$attributes[$key]]; + } + $attributes[$key][] = (string) $child; + } else { + $attributes[$key] = (string) $child; + } + } + } + return new UserBadge($userIdentifier, null, $attributes); } if (isset($xml->authenticationFailure)) { diff --git a/src/Symfony/Component/Security/Http/Tests/AccessToken/Cas/Cas2HandlerTest.php b/src/Symfony/Component/Security/Http/Tests/AccessToken/Cas/Cas2HandlerTest.php index 728b7ca529a79..e6d024201bc80 100644 --- a/src/Symfony/Component/Security/Http/Tests/AccessToken/Cas/Cas2HandlerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/AccessToken/Cas/Cas2HandlerTest.php @@ -29,6 +29,10 @@ public function testWithValidTicket() lobster PGTIOU-84678-8a9d + + lobster@example.com + ROLE_USER + BODY 
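Review bot: In `Cas2Handler::getUserBadgeFrom()`, the `foreach` builds an attribute map whose value type depends on the CAS response: an element seen once is stored as a `string`, while a repeated one becomes a list. A consumer that bases an access decision on `$attributes['affiliation'] === 'staff'` would silently stop matching once the server returns a second affiliation. I would state the `array<string, string|list<string>>` shape next to the `return new UserBadge(...)` line, for example `// Values are a string for a single element and a list<string> for repeated ones; callers must handle both.` The existing comment `// Extract all attributes without using namespace` also contradicts `children($this->prefix, true)`, which selects children by namespace prefix; `// Collect child elements in the CAS namespace, keyed by local element name` matches what the code does. The method starts and ends outside this hunk.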
@@ -40,7 +44,64 @@ public function testWithValidTicket() $cas2Handler = new Cas2Handler(requestStack: $requestStack, validationUrl: 'https://www.example.com/cas', client: $httpClient); $userbadge = $cas2Handler->getUserBadgeFrom('PGTIOU-84678-8a9d'); - $this->assertEquals(new UserBadge('lobster'), $userbadge); + $this->assertEquals(new UserBadge('lobster', null, [ + 'email' => 'lobster@example.com', + 'role' => 'ROLE_USER', + ]), $userbadge); + } + + public function testWithNoAttributes() + { + $response = new MockResponse(<< + + lobster + PGTIOU-84678-8a9d + + + BODY + ); + + $httpClient = new MockHttpClient([$response]); + $requestStack = new RequestStack(); + $requestStack->push(new Request(['ticket' => 'PGTIOU-84678-8a9d'])); + + $cas2Handler = new Cas2Handler(requestStack: $requestStack, validationUrl: 'https://www.example.com/cas', client: $httpClient); + $userbadge = $cas2Handler->getUserBadgeFrom('PGTIOU-84678-8a9d'); + $this->assertEquals(new UserBadge('lobster', null, []), $userbadge); + } + + public function testWithMultipleAffiliations() + { + $response = new MockResponse(<< + + lobster + PGTIOU-84678-8a9d + + John + Doe + jdoe@example.org + staff + faculty + + + + BODY + ); + + $httpClient = new MockHttpClient([$response]); + $requestStack = new RequestStack(); + $requestStack->push(new Request(['ticket' => 'PGTIOU-84678-8a9d'])); + + $cas2Handler = new Cas2Handler(requestStack: $requestStack, validationUrl: 'https://www.example.com/cas', client: $httpClient); + $userbadge = $cas2Handler->getUserBadgeFrom('PGTIOU-84678-8a9d'); + $this->assertEquals(new UserBadge('lobster', null, [ + 'firstname' => 'John', + 'lastname' => 'Doe', + 'email' => 'jdoe@example.org', + 'affiliation' => ['staff', 'faculty'], + ]), $userbadge); } public function testWithInvalidTicket()
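Review bot: `testWithMultipleAffiliations` expects `'affiliation' => ['staff', 'faculty']`, so it supplies only two repeated elements. That exercises the string-to-list conversion in the handler, but never the branch where the key already holds a list and `\is_array()` is true. Adding a third repeated element to the fixture (a constructed value such as `student`) and expecting `'affiliation' => ['staff', 'faculty', 'student']` would cover it. The heredoc fixtures lost their XML tags on this page, so the element names here are inferred from the expected arrays.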