On Thu, Oct 13, 2016 at 05:19:19PM -0500, Richard Frovarp wrote:
>I'm very confused as to how to do attribute lookup with CAS 5.
>In the actual service entry I have the return all attributes policy, so that
>shouldn't be hanging me up.
>I am doing AD / LDAP authentication, and it's also where my attributes are
>I don't see how
>does anything, because if I add another attribute there, nothing happens.
>I don't see cas.authn.attributeRepository.ldap group of entries doing
>I also don't see cas.authn.ldap[0].additionalAttributes doing much.
>If I set cas.authn.ldap[0].principalAttributeList to have more attributes, it
>appears to work. But it's also including uid, which isn't in my list. Is that
>because of the entry above?
>Do I even need to have the cas.authn.attributeRepository.ldap section?

cas.authn.attributeRepository.attributes.* are used as defaults unless set
otherwise and can have unexpected results (see my earlier post re cn being
remapped by cas.authn.attributeRepository.attributes.cn=commonName) I
believe these may be deprecated or changed in future releases.

I define all the attributes in cas.authn.ldap[0].principalAttributeList

Since we release all of them by default, what I actually do is define a
variable, and use that to factor out the list of attributes so I don't
have to replicate it in multipe places. YMMV.

  ... etc ...


>I know it's an RC and that the documentation isn't complete, but it feels
>like something is missing. Feels odd to be doing it in the authn area instead
>of the ldap entries under attributeRepository.

Baron Fujimoto <ba...@hawaii.edu> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum

CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Reply via email to