Re: [cas-user] cas 5.2.3 and LDAP attributes … failing here

Wed, 28 Mar 2018 07:07:22 -0700 

If ever it can help someone, CAS seems to need a dedicated user/pass to
get attributes, didn't found the way to get them using user's credentials...


On 03/28/2018 04:43, geoffroy desvernay wrote:
> Hi all,
> 
> After some hours, I must really miss something trying to make 5.2.x work
> as 4.2 (and as 3.x did before)
> 
> using DIRECT bind (no administrative binddn/pass), I can log in but no
> way to get any attributes from LDAP.
> 
> I can search (and find) required data with user credentials on
> command-line ldapsearch…
> 
> Here is the error (ldaptive debug) attached…
> 
> I hope someone can show me my error… or ?
> 
> relevant cas.properties lines (with some tests commented):
> 
> cas.authn.ldap[0].type=DIRECT
> cas.authn.ldap[0].poolPassivator=CLOSE
> #cas.authn.ldap[0].poolPassivator=NONE
> cas.authn.ldap[0].userFilter=uid={user}
> cas.authn.ldap[0].ldapUrl=ldaps://ldapr
> cas.authn.ldap[0].baseDn=ou=People,dc=nettest,dc=egim
> cas.authn.ldap[0].dnFormat=uid=%s,ou=People,dc=nettest,dc=egim
> cas.authn.ldap[0].principalAttributeList=sn,givenName,mailLocalAddress:mail,supannAffectation,eduPersonAffiliation,supannEtuId,supannEmpId,displayName,eduPersonPrincipalName,eduPersonPrimaryAffiliation,postalAddress,telephoneNumber,supannCivilite
> cas.authn.ldap[0].principalAttributeId=uid
> cas.authn.ldap[0].trustCertificates=file:/etc/ssl/caecm.crt
> #cas.authn.ldap[0].enhanceWithEntryResolver=true
> #cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true
> #cas.authn.attributeRepository.merger=MERGE
> cas.authn.ldap[0].passwordPolicy.enabled=false
> 
> … And thank you for this great piece of software we are using for more
> than 15 years !!!
> 

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a9c571dc-2677-f98e-6d35-530515d2349f%40centrale-marseille.fr.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to