Hi,
> Le 1 juin 2015 à 22:19, Tom Poage <[email protected]> a écrit : > > I think there was a similar issue with the BindLdapAuthenticationHandler > that was fixed a little later: > > https://issues.jasig.org/browse/CAS-1429 Thank you Tom to point me to this direction. I will move to CAS version 3.5.3 which resolves this LDAP injection problem without the difficulty to move to version 4. But, about the login retrieval, is this the wanted behavior that CAS server uses the typed user’s login and not an attribute value retrieved from LDAP queries ? — Vincent Hurtevent -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
