Hazarding a guess, does your directory return memberOf attribute? If that value was empty/null I would expect Groovy to throw the “Index is out of range” exception like you are seeing.
From: [email protected] <[email protected]> On Behalf Of Daniel Maldonado Sent: Monday, November 18, 2024 8:11 PM To: [email protected] Subject: [EXTERNAL SENDER] Re: [cas-user] Get top level value of LDAP property Thank you for your reply. Based on your suggestion I used: OIDC.....json configuration ... "bypassApprovalPrompt": true, "supportedGrantTypes": [ "java.util.HashSet", [ "token", "AUTHORIZATION_CODE" ] ], "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ], "scopes" : [ "java.util.HashSet", [ "openid", "profile", "email", "info" ] ], "attributeReleasePolicy": { "@class": "org.apereo.cas.oidc.claims.OidcProfileScopeAttributeReleasePolicy", "claimMappings" : { "@class" : "java.util.TreeMap", "name" : "displayName", "groups" : ''' groovy { def groups = attributes['memberOf'] def result = [] for ( cn in groups ){ result.add( ( cn =~ /CN=([^,]+), /)[0][1] ) } return result } ''', "email" : "mail" } ... and I am still getting stuff like: ERROR [org.apereo.cas.util.scripting.ScriptingUtils] - <index is out of range 0..-1 (index = 0) StringGroovyMethods.java:getAt:1373 null:doMethodInvoke:-1 IndyInterface.java:fromCache:321 Script1.groovy:run:4 and no groups defined. Can I see more of what you have configured and how? I feel like I am really close it is just this part that I need to figure out. On Tue, Nov 12, 2024 at 11:24 PM William Jojo <[email protected]<mailto:[email protected]>> wrote: Daniel, I have the following in my service def as an attribute in allowedAttributes: memberOf: [ java.util.ArrayList [ groovy { def groups = attributes['memberOf']; def result = []; for ( cn in groups ) result.add( ( cn =~ /CN=([^,]+),/)[0][1] ) ; return result; } ] ] Hope this helps. On Tue, Nov 12, 2024 at 10:13 PM Ray Bon <[email protected]<mailto:[email protected]>> wrote: Daniel, See PATTERN FORMAT or EXTERNAL SCRIPT at the bottom of https://apereo.github.io/cas/7.1.x/integration/Attribute-Definitions.html Ray On Tue, 2024-11-12 at 18:06 -0500, Daniel Maldonado wrote: [You don't often get email from [email protected]<mailto:[email protected]>. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] I would like to get the top leven “cn” from my ldap query. The values returned look like: memberOf=[cn=admins,cn=groups,cn=accounts,dc=mycompany,dc=com,…] as one of the attributes. I only need the top values: “admins” and not everything else. I can not find in the documentation where I can basically return this top level value as a set. I can do it in my Java app but that would mean a “custom” solution for all my apps. Am I missing something here? CAS version: 7.1.1 -- - Website: https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapereo.github.io%2Fcas&data=05%7C02%7Crbon%40uvic.ca%7C6108767894c042badf2e08dd0389a1a9%7C9c61d3779894427cb13b1d6a51662b4e%7C0%7C0%7C638670611835591998%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=qgt4zh8Hcuxw%2BQ4YHy%2BFEHqcJWXbxV%2BAs5JpC%2FKshxM%3D&reserved=0<https://apereo.github.io/cas> - List Guidelines: https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgoo.gl%2F1VRrw7&data=05%7C02%7Crbon%40uvic.ca%7C6108767894c042badf2e08dd0389a1a9%7C9c61d3779894427cb13b1d6a51662b4e%7C0%7C0%7C638670611835611345%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=kx2P69WsJOUbVv7xHygFbDRJ7BdX6kLq3tsEn3hples%3D&reserved=0<https://goo.gl/1VRrw7> - Contributions: https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgoo.gl%2Fmh7qDG&data=05%7C02%7Crbon%40uvic.ca%7C6108767894c042badf2e08dd0389a1a9%7C9c61d3779894427cb13b1d6a51662b4e%7C0%7C0%7C638670611835622203%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=jdSb24WsOrqHL8pe9JGn3VV7Zrf2VUoBWfPlI0sqbl4%3D&reserved=0<https://goo.gl/mh7qDG> --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fa%2Fapereo.org%2Fd%2Fmsgid%2Fcas-user%2FE73E9572-BC4B-4428-97CE-7241ED1F4CC1%2540epc-instore.com&data=05%7C02%7Crbon%40uvic.ca%7C6108767894c042badf2e08dd0389a1a9%7C9c61d3779894427cb13b1d6a51662b4e%7C0%7C0%7C638670611835633812%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=29McdrmdbESKw0nhBiDbQUY91xTaP3gA19yT8iE3gn0%3D&reserved=0<https://groups.google.com/a/apereo.org/d/msgid/cas-user/E73E9572-BC4B-4428-97CE-7241ED1F4CC1%40epc-instore.com>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/d4e3128410fe5a4e3d2fe930da1fdfcff05e64e8.camel%40uvic.ca<https://groups.google.com/a/apereo.org/d/msgid/cas-user/d4e3128410fe5a4e3d2fe930da1fdfcff05e64e8.camel%40uvic.ca?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOGev1j_jO4_BGXphpUoC5p-q%3DgeWUwvRtOa3RyesW%2BoR6fjVw%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOGev1j_jO4_BGXphpUoC5p-q%3DgeWUwvRtOa3RyesW%2BoR6fjVw%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABdYQ6OrrWKOJi8fqdwQkPc%3DUsj_2mmTMoGvn9vzSDcrNfbF-g%40mail.gmail.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/CABdYQ6OrrWKOJi8fqdwQkPc%3DUsj_2mmTMoGvn9vzSDcrNfbF-g%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/DS7PR17MB673091C2A51656758F2A629AB4202%40DS7PR17MB6730.namprd17.prod.outlook.com.
