Andy,
Seems almost like your "issue" with the mysterious tight linkage to MFA
and Radius and this are related.
Is there a way to enable MFA radius but have it behave as a single factor?
Side note is there a way using Radius Authentication to dynamically add
a realm identifier to the users
Hi Colin,
I have take a look into your problem, which is using *Radius Authentication
a*nd *LDAP *attribute, and LDAP attribute don't come up.
I am using CAS 6.1.1 + Freeradius + OpenLDAP as demo, but I think the
solution should be applicable to CAS 6.0 and other technology as well.
So I've continue to try to get this to work, and implemented
mod_auth_cas with SAML support in apache server so as to maybe see if
that triggered the attribute merging, specifically using the
cas-attribute directive to I was hoping force pulling/releasing of
attributes. Using Require
Colin,
It has been a long time since I used the default page so I do not know its
behaviour.
You can back up the logger to org.apereo.cas.services to get many more messages
related to the service. That along with
might provide more details in case there are ldap connection issues.
If you can
Ray,
I had already set the attribute release directive in the basic HTTPIMAP
all access service definition.
You've helped my brain tweak on the concept that only principal
attributes are automatically released while all others must be
explicitly added to defaults or service definitions. But
Colin,
Try this in the logs,
You can set attributes to be released by default (normally no attributes are
released),
cas.authn.ldap[1].principalAttributeList=mail, \
cn, \
sn
Attributes can
Folks,
I'm trying to have Radius be my Authentication Method but gather
attributes from the LDAP entry for the user. The LDAP database is the
same one that is actually backing the RADIUS auth.
Seemed straight forward enough based upon: