Solved. Attributes need to be defined in attribute resolution configuration - if nothing is used, then all attributes are fetched EXCEPT for some (f.e. operational)
https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#ldap On Wednesday, April 14, 2021 at 2:48:41 PM UTC+2 Petr Gašparík - AMI Praha a.s. wrote: > Hi, > we use *X.509 authentication on REST interface* of Apereo with LDAP > repository for attribute fetching (X509CredentialsAuthenticationHandler). > In general, it works, but *we have troubles getting special attributes: > nsRole, nsRoleDN and dn*. > > When REST interface of Apereo is called with username/password > (LdapAuthenticationHandler), we get everything we need. > > It is the same service and *cas.authn.ldap[0]*.* for username/password > (uid={user}) and *cas.authn.attributeRepository.ldap[0].* *for > certificate (certsn={user}) has the same configuration. > > Does that ring the bell for anyone? > > Thank you in advance, Petr > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b7e22f56-2d4c-4abb-bb7d-bd56f1e19236n%40apereo.org.
