Return uid in attribute list?

[Mike Osterman]

Hello,

We're new to "modern" CAS (moving from 3.x to 5.x), and have run into an issue. We configured an attribute release filter to return mail & uid:

"attributeReleasePolicy" : {

"@class" : "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",

"allowedAttributes" : [ "java.util.ArrayList", [ "mail", "uid" ] ]

}

But for some reason, the response is coming back with only "mail" in the attribute list and the uid listed as property called "id":

principal=SimplePrincipal(id=username, attributes={mail=[username@whitman.edu]}),requiredAttributes={}

I found this reference to the "principalIdAttribute" that states "By default, the principal id is NOT released as an attribute."

https://apereo.github.io/cas/5.3.x/integration/Attribute-Release-Policies.html

I can see where we have it listed as principalIdAttribute in our config:

cas.authn.ldap[0].principalAttributeId=uid

So I can see why it's mapping to the principal id and would not release by default, but I can't discern from the documentation how to change the default behavior to release it as part of the attribute list.

Any ideas?

Thanks!

Mike

[Mike Osterman]

Also, if this is the incorrect list for this question, can you please indicate for which CAS list this question is better suited?