On Thu, Oct 16, 2014 at 1:09 PM, Alberto Cabello Sánchez <[email protected]> wrote: > On Thu, 16 Oct 2014 18:04:42 +0200 > Alberto Cabello Sánchez <[email protected]> wrote: >> >> Somehow, the final response returns only four LDAP attributes (dn, uid, >> orclisenabled and cn), even if the former (log shows two >> org.ldaptive.SearchOperation as shown below[1]) gets all of them. >> >> When querying OpenLDAP, the two org.ldaptive.SearchOperation get the >> same attributes set. > > Please forget about that. I just realized second org.ldaptive.SearchOperation > response is showing exactly the attributes an anonymous "ldapsearch" would > get, > both in the OpenLDAP and the OID scenario. > > So the new question is why this second sequence > > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Created seed map > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Adding attribute 'username' > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Constructed LDAP search > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Generated query builder > [org.ldaptive.SearchOperation] - execute request > [org.ldaptive.SearchOperation] - execute response <=== Shows only four attrs > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Converted ldap DN >
Check the ACLs on your Oracle LDAP, sounds like it's configured to only return those attributes. --Daniel Fisher -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
