Extra attributes being return with SAML 1.1

[Adam Causey]

I'm configuring CAS 5.0.5 and noticed that I am returned additional attributes that were not returned with CAS 3.5.  They are the following:

• samlAuthenticationStatementAuthMethod=urn:oasis:names:tc:SAML:1.0:am:password
• authenticationMethod=LdapAuthenticationHandler
• successfulAuthenticationHandlers=LdapAuthenticationHandler

Is there a way to suppress these attributes from being returned? It's just a matter of unneeded information, and I don't want these to confuse clients. I am testing with a Java CAS client using the same code with both versions of CAS.

Thanks!

-Adam

[Robert Ledermüller]

Hi,

you should be able to disable it via this property [1]. At least that worked for me during a regular CAS authentication and SAML 2 attribute release. Never tried SAML 1.1.

cas.view.cas3.releaseProtocolAttributes=false

Best

-- Robert

[1] https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#views

[Adam Causey]

Hi Robert,

Unfortunately that doesn't suppress the attributes in SAML 1.1, but thanks for the suggestion.  I will keep that set to false for the other protocols however, so it's good to know.

-Adam

--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2ee691ab-ddae-4704-9491-9ad0f5f97fc5%40apereo.org.