Custom Attributes From LDAP in CAS 5.0.x

[Mike Kromarek]

I'm looking to release custom attributes based off of the retrieved attributes from LDAP for an authenticated user.  Current I have my cas.properties file setup to return all attributes for the authenticated user, but I would like to be able to do something like the following:

Take the pwdLastSet attribute from LDAP and create a new attribute called "pwdExpiresInXDays" which is equal to the number of days from the last change date minus our expiration policy for days until a password is expired.

Or something like creating a list of groups where I only have the CN (the name of the group) in the list, versus the entire DN.

But I'm not sure where I can do something like this. Or if i can.  Especially if I want it to be a default released attribute for all services.

I was thinking about possibly using a groovy script and using the CascadingPersonAttributeDao instead of the MergePersonAttributeDao

Any help that you can provide is most appreciated. 

--Mike K.