All - I'm hoping someone can help me to resolve this problem. I'm running CAS 5.1.8 using a jdbc service registry which is not displaying the rejected attributes set for the defined services. Access to the service is denied as expected however, the only way to see what was set is by viewing the logs. Also, there's no way to delete the attribute because it's not visible through the cas management application; I've had to delete and recreate the service to clear it.
2018-03-18 18:58:08,212 DEBUG [org.apereo.cas.authentication.support.AbstractProtocolAttributeEncoder] - <[12] encoded attributes are available for release to [id=3,name=CAS Client,description=CAS Client,serviceId=^ https://home.catznet.science:2443/cas-client(/?|/.*)$,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme= <null>,evaluationOrder=1,logoutType=NONE,attributeReleasePolicy=org.apereo.cas.services.ReturnAllAttributeReleasePolicy@7af77c01 [attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@5651734a [],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=<null>],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@758f4d16 [enabled=true,ssoEnabled=true,requireAllAttributes=false,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false, *rejectedAttributes={groupDeny*=*[]}]* ,publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@5794ac9 ,logo=<null>,logoutUrl=<null>,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@19b9d72e[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>,bypassEnabled=false],informationUrl=<null>,privacyUrl=<null>,<null>]: [[firstname, isFromNewLogin, mail, authenticationDate, sAMAccountName, successfulAuthenticationHandlers, cn, lastname, samlAuthenticationStatementAuthMethod, UDC_IDENTIFIER, authenticationMethod, longTermAuthenticationRequestTokenUsed]]> Thanks, -Jeff -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOQN9x9cHQPFmmGDpwb3Z9E%2Bj%3DZEjDvShOdKKsJvCH08OA%40mail.gmail.com.
