As I said earlier, this works for the LDAP attributes but doesn't merge with 
the JDBC ones (no query sent).
See this section: 
https://apereo.github.io/cas/development/installation/Configuration-Properties.html#authentication-attributes
 

> If no other attribute source is defined and if attributes are not retrieved 
>as part of primary authentication via LDAP….

You are doing that; which is that you are getting attributes from LDAP as part 
of authn. When you do, CAS disables external principal resolvers because it is 
taught that attributes come from ldap directly. If you wish to merge multiple 
sources, you need to disable that part and nuke out the attributes and define 
attribute repository sources for each source via the properties. That will 
activate merging.

I can open an issue, I don't know what's the best process.
https://github.com/apereo/cas/issues 

Might be worth introducing flexibility into the configuration to allow what you 
have defined. 



-- 
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.58061014.cc80231.3323%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Reply via email to