match group from memberOf oidc
18 views
Skip to first unread message
livio dezorzi
Dec 30, 2025, 10:24:14 AM12/30/25
to CAS Community
Hi,
I'm trying to convert this attributefilterpolicy from shibboleth idp to cas 7.3.2 with oidc
<AttributeFilterPolicy id="OPENID_SCOPE_MEMBEROFARGOS">
<PolicyRequirementRule xsi:type="oidc:OIDCScope" value="memberofargos" />
<AttributeRule attributeID="MemberOf">
<PermitValueRule xsi:type="OR">
<Rule xsi:type="Value" value="argos" caseSensitive="false" />
</PermitValueRule>
</AttributeRule>
</AttributeFilterPolicy>
<PolicyRequirementRule xsi:type="oidc:OIDCScope" value="memberofargos" />
<AttributeRule attributeID="MemberOf">
<PermitValueRule xsi:type="OR">
<Rule xsi:type="Value" value="argos" caseSensitive="false" />
</PermitValueRule>
</AttributeRule>
</AttributeFilterPolicy>
But i do not how to do ?
The user has several groups and I want to select only the argos group and attribute the value to oidc attribute MemberOf.
Thanks
livio dezorzi
Dec 30, 2025, 10:32:24 AM12/30/25
to CAS Community, livio dezorzi
I forgot this part of DataConnector LDAP to complete my issue.
<InputDataConnector ref="myLDAP" attributeNames="entryDN" />
<FilterTemplate>
<![CDATA[
(&(objectClass=groupOfUniqueNames)(uniquemember=$entryDN.get(0)))
]]>
</FilterTemplate>
<ReturnAttributes>cn</ReturnAttributes>
<FilterTemplate>
<![CDATA[
(&(objectClass=groupOfUniqueNames)(uniquemember=$entryDN.get(0)))
]]>
</FilterTemplate>
<ReturnAttributes>cn</ReturnAttributes>
Thanks
Reply all
Reply to author
Forward
0 new messages