Mohamed, I have this in my management.properties file mgmt.authz-attributes[0] = description
In LDAP I have description: ROLE_ADMIN I believe the attribute value must be ROLE_ADMIN. You may be able to remap the value from your ldap group. Ray ________________________________ From: cas-user@apereo.org <cas-user@apereo.org> on behalf of Mohamed Amdouni <me.amdo...@gmail.com> Sent: 15 July 2024 08:27 To: CAS Community <cas-user@apereo.org> Subject: [cas-user] How to configure access to cas management using LDAP roles You don't often get email from me.amdo...@gmail.com. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Hello, I configured a cas management with : mgmt.admin-roles[0]=ROLE_ADMIN mgmt.user-properties-file=<pathToProperties files> I would like to give access using the ldap attribute memberOf instead of hardcoding users in the file "mgmt.user-properties-file". I mean, if a user is a memeber of the cas-admin ldap group he will be able to access cas management as administrator. I tried accessStrategy but it does not work and the user should be defined in the property file. Thanks. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org<mailto:cas-user+unsubscr...@apereo.org>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5357c4a0-9b60-4f7b-a1a9-d30ce9d8ac94n%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/5357c4a0-9b60-4f7b-a1a9-d30ce9d8ac94n%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YT3PR01MB99462A8A828BAB6EE3D8E7E4CEA12%40YT3PR01MB9946.CANPRD01.PROD.OUTLOOK.COM.
