Florent, In LDAP the 'role' (from the linked example) would/should be multi valued unlike the multi row of a database. If group1 has its own dn from group2, you could use a groovy script to merge them, https://apereo.github.io/cas/6.6.x/integration/Attribute-Resolution-Groovy.html
Ray On Mon, 2023-08-21 at 06:31 -0700, Florent Thomas wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hi everyone, I'm running a fresh 6.6.x CAS connected to ldap. I'm strating to work with attribute-repository and person directory. I'm trying to add attribute that concatenate the ldap group to which the current user is member of. At this point I'm succeeding in returning and sharing the first group of the ldap search Yet I would like to have something like : group1,group2,group3 This is well explained here https://fawnoos.com/2018/02/20/cas-service-rbac-attributeresolution/#jdbc-attribute-retrieval for jdbc part but not for LDAP part. What is the process to aggregate / normalise the group list to a list of groups ? Thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/2cec4674512ae02ebfacdfc1176fa4823a6bdd23.camel%40uvic.ca.