CAS 6.4.4 release too much than policy allow

42 views

Skip to first unread message

Gregory G

unread,

Jan 14, 2022, 11:31:42 AM1/14/22

to CAS Community

Hello,

I have a service with this definition

attributeReleasePolicy: !<org.apereo.cas.services.ReturnMappedAttributeReleasePolicy> allowedAttributes: !<java.util.TreeMap> mail: !<java.util.ArrayList> - "mail" principalAttributesRepository: !<org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository> attributeRepositoryIds: !<java.util.HashSet> - "*" consentPolicy: !<org.apereo.cas.services.consent.DefaultRegisteredServiceConsentPolicy> status: "FALSE" excludeDefaultAttributes: true authorizedToReleaseAuthenticationAttributes: false

But if i use existing SSO session : i get my allowed attribute + authentification attributes (clientIp, UsernamePasswordPrincipal, etc..)

If i use fresh session : no problem

Gregory G

unread,

Jan 14, 2022, 1:15:31 PM1/14/22

to CAS Community, Gregory G

Hello,

I tried on CAS 6.2, the issue is not existing, everything working well

Reply all

Reply to author

Forward

0 new messages