CAS + LDAP Authentication: User Roles Retrieving Problem

[mattia pirro]

Hello to everybody :)

I spent last weeks on CAS (CAS 5.2), I'm trying to integrate my web app with SSO, using data from a LDAP server.

In few days I make it authentication work, adding some times and I get Authorization working too, by the way I faced up with this issue:

My web app is such a DMS, where a User can have more than one role, I spent last week to figure out how to return all the roles for a given User, if I make a direct ldapsearch on the server or via ssh from client I can easily get those roles, with CAS I can only retrieve the first role for a user based on alphabetic sorting

This is the response from the ldapSearch:

This is the application.properties on Cas Server, using the same filter of the ldapsearch test example above:

This is the response from logging on Cas Server

As you can see, CAS retrieve only the first role related to the user that have performed succesfull login, and I can't figure out, I think I miss something in application.properties that allow CAS to retrieve multiple CNs for a given user

Thanks in advance

Matt