Hello,
We're new to "modern" CAS (moving from 3.x to 5.x), and have run into an issue. We configured an attribute release filter to return mail & uid:
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
"allowedAttributes" : [ "java.util.ArrayList", [ "mail", "uid" ] ]
}
But for some reason, the response is coming back with only "mail" in the attribute list and the uid listed as property called "id":
principal=SimplePrincipal(id=username, attributes={mail=[username@
whitman.edu]}),requiredAttributes={}
I found this reference to the "principalIdAttribute" that states "By default, the principal id is NOT released as an attribute."
I can see where we have it listed as principalIdAttribute in our config:
cas.authn.ldap[0].principalAttributeId=uid
So I can see why it's mapping to the principal id and would not release by default, but I can't discern from the documentation how to change the default behavior to release it as part of the attribute list.
Any ideas?
Thanks!
Mike