Hello, my question is "How to get all groups that a user is a member of as attribute?" I'm using CAS 5.1.0-RC3 + LDAP for authentication and this is my LDAP configuration and my LDAP structure.
cas.properties:

    cas.authn.ldap[0].type=DIRECT
    cas.authn.ldap[0].useSsl=false
    cas.authn.ldap[0].ldapUrl=ldap://ldap:389
    cas.authn.ldap[0].baseDn=ou=users,dc=company,dc=com
    cas.authn.ldap[0].enhanceWithEntryResolver=true
    cas.authn.ldap[0].userFilter=cn={user}
    cas.authn.ldap[0].dnFormat=cn=%s,ou=users,dc=company,dc=com
    cas.authn.ldap[0].principalAttributeId=cn
    cas.authn.ldap[0].principalAttributeList=sn,mail

Part of my ldap.ldif:

    dn: cn=dev,ou=groups,dc=company,dc=com
    cn: dev
    member: cn=john,ou=users,dc=company,dc=com
    objectclass: groupOfNames
    objectclass: top

    dn: cn=john,ou=users,dc=company,dc=com
    cn: john
    objectclass: inetOrgPerson
    objectclass: top
    mail: [email protected]
    sn: John Doe

If I use the user john, IMHO only attributes which are under "cn=john,ou=users,dc=company,dc=com" are exposed as attributes, like mail and sn for example. Right?

Possible Solutions:

1. Solve the problem with CAS: Is it possible to retrieve the LDAP attribute groupOfNames with an additional query and attach them to my service token like the attributes sn, email?

2. Solve the problem with LDAP: I have to add the attribute groupOfNames to the user john and have to duplicate attributes. See http://www.openldap.org/doc/admin24/overlays.html

Thanks,
Michael
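The additional query in option 1 is a search for groupOfNames entries whose member value equals the user's DN. The sketch below is an added example, not part of the original post and not CAS code: it builds that filter with RFC 4515 escaping and evaluates it against an in-memory copy of the posted dev group. The ops group, the user jane and all function names are assumptions made for illustration.

```python
# Added example; LDIF = dev group from the post + constructed ops/jane entry.
LDIF = """\
dn: cn=dev,ou=groups,dc=company,dc=com
cn: dev
member: cn=john,ou=users,dc=company,dc=com
objectclass: groupOfNames
objectclass: top

dn: cn=ops,ou=groups,dc=company,dc=com
cn: ops
member: cn=jane,ou=users,dc=company,dc=com
objectclass: groupOfNames
"""

def parse_ldif(text):
    """Parse simple LDIF (no base64 values, no folded lines) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            key, _, value = line.partition(":")
            entry.setdefault(key.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def norm_dn(dn):
    """Simplified DN comparison key: ignore case and space around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def escape_filter_value(value):
    """RFC 4515 escaping, so the DN cannot alter the filter's structure."""
    for ch in ("\\", "*", "(", ")", "\x00"):
        value = value.replace(ch, "\\%02x" % ord(ch))
    return value

def group_filter(user_dn):
    """The search filter a group lookup would use for this user DN."""
    return "(&(objectClass=groupOfNames)(member=%s))" % escape_filter_value(user_dn)

def groups_of(user_dn, entries):
    """Evaluate that filter locally: cn of each groupOfNames listing user_dn."""
    wanted = norm_dn(user_dn)
    return sorted(
        e["cn"][0] for e in entries
        if "groupofnames" in (v.lower() for v in e.get("objectclass", []))
        and wanted in (norm_dn(m) for m in e.get("member", []))
    )

if __name__ == "__main__":
    print(groups_of("cn=john,ou=users,dc=company,dc=com", parse_ldif(LDIF)))
```

The list returned by groups_of is what would be attached to the principal as a multi-valued group attribute next to sn and mail.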
