CAS 6.6.x manipulation of attribute-repository

34 views
Skip to first unread message

Florent Thomas

unread,
Aug 21, 2023, 12:12:28 PM8/21/23
to CAS Community

Hi everyone,
I'm running a fresh 6.6.x CAS connected to ldap.
I'm strating to work with attribute-repository and person directory.
I'm trying to add attribute that concatenate the ldap group to which the current user is member of.
At this point I'm succeeding in returning and sharing the first group of the ldap search
Yet I would like to have something like  : group1,group2,group3
This is well explained here https://fawnoos.com/2018/02/20/cas-service-rbac-attributeresolution/#jdbc-attribute-retrieval for jdbc part but not for LDAP part.
What is the process to aggregate / normalise the group list to a list of groups ?
Thanks

Ray Bon

unread,
Aug 21, 2023, 1:40:17 PM8/21/23
to cas-...@apereo.org
Florent,

In LDAP the 'role' (from the linked example) would/should be multi valued unlike the multi row of a database. If group1 has its own dn from group2, you could use a groovy script to merge them, https://apereo.github.io/cas/6.6.x/integration/Attribute-Resolution-Groovy.html

Ray

On Mon, 2023-08-21 at 06:31 -0700, Florent Thomas wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

Florent Thomas

unread,
Aug 22, 2023, 12:22:51 AM8/22/23
to CAS Community, Ray Bon
Thanks Ray,
I'll dig in this direction
Reply all
Reply to author
Forward
0 new messages