No. You should see resolved attributes; that's why the endpoint says /attrresolution. If it was /attrrelease, then you'd be right.
And you'd only see attributes if you have attribute repositories set up. > From: "Pablo Vidaurri" <[email protected]> > To: "CAS Community" <[email protected]> > Cc: [email protected] > Sent: Thursday, September 28, 2017 9:33:51 PM > Subject: Re: [cas-user] making an extra LDAP attribute visible via CAS > Should you be able to verify the released attributes in > cas/status/attrresolution ... I assume if a user logs in via cas, you can go > to > attrresolution page, enter their id and view released attributes. I don't see > anything though > On Tuesday, September 26, 2017 at 8:15:39 AM UTC-5, gibson_brian wrote: >> We are working towards this as well but do not have it in place yet. I think >> it >> will be a two step process. Inside the C:\etc\cas\config\cas.properties files >> in the LDAP section you need to tell it what attributes from LDAP you want to >> pull.... >> cas.authn.ldap[0].principalAttributeList=sn,cn,mail,displayname,givenName,sAMAccountName,employeeType, >> employeeNumber >> Then, inside the .json file that denotes the service entry for Self Service >> Banner you would map the employeeNumber LDAP attribute to UDC_IDENTIFIER for >> when you send the info out.... here is (what I believe to be) a valid .json >> file, in our case located in >> C:\etc\cas\services\service_entry_4_475674893038.json with the UDC_IDENTIFIER >> line bolded >> { >> "@class" : "org.apereo.cas.services.RegexRegisteredService", >> "serviceId" : "https://bss.wheatonma.edu/.*"; , >> "name" : "BannerSelfService", >> "id" : 475674893038, >> "description" : "Service entry to Banner SSO", >> "attributeReleasePolicy" : { >> "@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >> "allowedAttributes" : { >> "@class" : "java.util.TreeMap", >> "sn" : "sn", >> "cn" : "cn", >> "mail" : "EmailAddress", >> "displayname" : "FullName" >> "employeeNumber" : "UDC_IDENTIFIER" >> "employeeType" : "affiliation" >> } >> }, >> "evaluationOrder" : 6 >> } >> On 9/26/2017 8:46 AM, charlie derr wrote: >>> Greetings, >>> We are new to CAS, but have managed to successfully get 5.1 working >>> with our LDAP directory on the back end. Apologies if this is a FAQ, but >>> I've looked around the web for the answer and only found instructions on >>> how to do this with 4.x (and earlier) CAS installs. >>> We have a need to expose the LDAP attribute employeeNumber (it's >>> present directly on each user's entry) as UDC_IDENTIFIER to the >>> application using CAS (Self-Service Banner). Any pointers or links to >>> documentation on how to correctly and securely accomplish this will very >>> much be appreciated. >>> thanks ever so much, >>> ~c >>> -- >>> Charlie Derr >>> Director of Instructional Technology >>> Bard College at Simon's Rock >>> 413-528-7344 > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups "CAS > Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email > to [email protected] . > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/a6a9ed62-2e93-412c-8d8b-bb57128358cc%40apereo.org > . -- --Misagh -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/595457330.4113844.1506946953188.JavaMail.zimbra%40unicon.net.
