Would excludeDefaultAttributes: false
be what you are looking for? From: [email protected] <[email protected]> On Behalf Of Pablo Vidaurri Sent: Tuesday, October 12, 2021 8:29 PM To: CAS Community <[email protected]> Cc: baron <[email protected]> Subject: [EXTERNAL SENDER] [cas-user] Re: Return allowed attributes? >From description ><https://apereo.github.io/cas/6.2.x/integration/Attribute-Release-Policies.html#default> > of default attributes, the purpose of default-attributes-to-release is to >always release the attributes defined here regardless of what you have or dont >have in attributeReleasePolicy at the service level. On Thursday, October 7, 2021 at 3:55:53 PM UTC-5 baron wrote: We have CAS 6.3.5 configured to return a default set of attributes defined with the property "cas.authn.attribute-repository.default-attributes-to-release". This works as desired. We wanted to release only a subset of these attributes to a particular registered service. The CAS docs suggest this may be possible by using an attributeReleasePolicy in the service definition that specifies "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy" <https://apereo.github.io/cas/6.3.x/integration/Attribute-Release-Policies.html#return-allowed> So I added the following to an existing working service definition: "attributeReleasePolicy" : { "@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy", "allowedAttributes" : [ "java.util.ArrayList", [ "cn", "sn", "mail" ] ] } But CAS still seems to release the full set of default attributes for the service, and not just "cn", "sn", "mail" as defined above. Am I misinterpreting what ReturnAllowedAttributeReleasePolicy should do here? If not, any ideas what may be amiss? -- Baron Fujimoto <[email protected]> :: UH Information Technology Services minutas cantorum, minutas balorum, minutas carboratum desendus pantorum -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec95a065-11df-4941-9cec-26ae5d907cb8n%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/ec95a065-11df-4941-9cec-26ae5d907cb8n%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3ba92857e81245ef8bd327d577cf17c6%40mun.ca.
