Running into an odd doubling of attribute values when surrogate access is enabled. On CAS 6.1.0 RC6
Here is my Surrogate config, Active Directory Auth config, and Attribute repository: # Surrogate config cas.authn.surrogate.separator=+ cas.authn.surrogate.json.location=file:/etc/cas/config/surrogates.json # set some properties we can re-use in authn and attributeRepository configuration ldap-url= ldaps://ad01.example.edu:636 ldap-binddn= cn=logon_ldap_user,ou=Application Users,ou=All_Users,dc =example,dc=edu ldap-bindpw= examplePass ldap-auth-type= DIRECT ldap-basedn= ou=All_Users,dc=example,dc=edu ldap-dnformat= cn=%s,ou=All_Users,dc=example,dc=edu ldap-user-filter= (cn={user}) ldap-max-pool-size=20 ldap-tls=false ldap-ssl=true # configure ldap authentication cas.authn.ldap[0].trustCertificates=file:/etc/cas/trustedexamplecert.der cas.authn.ldap[0].base-dn=${ldap-basedn} cas.authn.ldap[0].bind-credential=${ldap-bindpw} cas.authn.ldap[0].bind-dn=${ldap-binddn} cas.authn.ldap[0].dn-format=${ldap-dnformat} cas.authn.ldap[0].ldap-url=${ldap-url} cas.authn.ldap[0].max-pool-size=${ldap-max-pool-size} cas.authn.ldap[0].min-pool-size=0 cas.authn.ldap[0].subtree-search=true cas.authn.ldap[0].type=${ldap-auth-type} cas.authn.ldap[0].searchFilter=${ldap-user-filter} cas.authn.ldap[0].use-ssl=${ldap-ssl} cas.authn.ldap[0].use-start-tls=${ldap-tls} # configure ldap attribute repository cas.authn.attributeRepository.ldap[0].trustCertificates =file:/etc/cas/trustedexamplecert.der cas.authn.attributeRepository.ldap[0].ldapUrl=${ldap-url} cas.authn.attributeRepository.ldap[0].order=0 cas.authn.attributeRepository.ldap[0].useSsl=${ldap-ssl} cas.authn.attributeRepository.ldap[0].useStartTls=${ldap-tls} cas.authn.attributeRepository.ldap[0].baseDn=${ldap-basedn} cas.authn.attributeRepository.ldap[0].searchFilter=${ldap-user-filter} cas.authn.attributeRepository.ldap[0].subtreeSearch=true cas.authn.attributeRepository.ldap[0].bindDn=${ldap-binddn} cas.authn.attributeRepository.ldap[0].bindCredential=${ldap-bindpw} cas.authn.attributeRepository.ldap[0].minPoolSize=0 cas.authn.attributeRepository.ldap[0].maxPoolSize=${ldap-max-pool-size} cas.authn.attributeRepository.ldap[0].validateOnCheckout=true # configure validator for attribute repository cas.authn.attributeRepository.ldap[0].validator.type=SEARCH cas.authn.attributeRepository.ldap[0].validator.baseDn=${ldap-basedn} cas.authn.attributeRepository.ldap[0].validator.searchFilter=(objectClass=*) cas.authn.attributeRepository.ldap[0].validator.scope=OBJECT cas.authn.attributeRepository.ldap[0].validator.attributeName=objectClass cas.authn.attributeRepository.ldap[0].validator.attributeValues=top # Get AD attributes cas.authn.attributeRepository.ldap[0].attributes.sAMAccountName =samAccountName cas.authn.attributeRepository.ldap[0].attributes.displayName=displayName cas.authn.attributeRepository.ldap[0].attributes.mail=email cas.authn.attributeRepository.ldap[0].attributes.mail=emailAddress cas.authn.attributeRepository.ldap[0].attributes.givenName=givenName cas.authn.attributeRepository.ldap[0].attributes.sn=surname cas.authn.attributeRepository.ldap[0].attributes.cn=commonName cas.authn.attributeRepository.ldap[0].attributes.memberOf=memberOf When the surrogacy dependency is added to build.gradle the attributeRepository returns doubled values for the attributes. See the example attributes below" cn [BONDR, BONDR] displayName [Robert Bond, Robert Bond] distinguishedName [CN=BONDR,OU=NSU,OU=All_Users,DC=example,DC=edu, CN=BONDR,OU=All_Users,DC=example,DC=edu] Any thoughts? When I remove the surrogate dependency from build.gradle it returns the attributes correctly. ex: cn [BONDR] Thanks! -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0f3842e4-4e15-4101-b420-238935acceb9%40apereo.org.