Commenting out the principalAttributeMap property of the ldapAuthenticationHandler bean and leaving the attributeRepository mapping alone seems to work as well. I am now only seeing the one attribute search in the LDAP logs as well. For now I'll leave things in this state and see if I can get other things (like pulling the authenticated principal in casGenericSuccess.jsp and the cas-management webapp working).
Dave On 9/3/14 8:07 AM, Marvin Addison wrote: >> Nope, all that does is cause the attributes to have empty values in them: > Ok, I did a little code review and have a suggestion. The trigger to > resolve attributes from a principal resolver is the definition of a > PrincipalResolver component in the value side of > PolicyBasedAuthenticationManager#handlerResolverMap. So keep your > attributeRepository bean but don't wire it into your > PolicyBasedAuthenticationManager bean. Let me know whether that fixes > your problem. > > Best, > M > > > -- > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user