Le 19/12/2011 18:12, Marvin Addison a écrit :
I wrote a little hack : a LdapPersonAttributeDao derived class which overrides getPerson method (I think this is the only method CAS uses to retrieve attributes from LDAP directory), the new behavior is :I've opened a Jira issue : https://issues.jasig.org/browse/CAS-1078Thanks!It would be nice to have a kind of policy for user attributes, some of them just need to be cleaned (full DN => first component), other may need additional LDAP request (principal group membership, for example).I can imagine we might have a use case for the group membership scrubbing ourselves. M
1) call superclass getPerson 2) unlock the attributes collection 3) processes the attribute map with provided processor(s) (eg: regex on values) 4) lock the attributes collection On my development server, my LDAP groups now get cleaner :-) Rgds. -- Philippe MARASSE Service Informatique - Centre Hospitalier Henri Laborit BP 587 - 370 avenue Jacques Coeur 86021 Poitiers Cedex Tel : 05.49.44.57.19
smime.p7s
Description: Signature cryptographique S/MIME
