On Thu, Oct 16, 2014 at 1:09 PM, Alberto Cabello Sánchez <albe...@unex.es> wrote: > On Thu, 16 Oct 2014 18:04:42 +0200 > Alberto Cabello Sánchez <albe...@unex.es> wrote: >> >> Somehow, the final response returns only four LDAP attributes (dn, uid, >> orclisenabled and cn), even if the former (log shows two >> org.ldaptive.SearchOperation as shown below[1]) gets all of them. >> >> When querying OpenLDAP, the two org.ldaptive.SearchOperation get the >> same attributes set. > > Please forget about that. I just realized second org.ldaptive.SearchOperation > response is showing exactly the attributes an anonymous "ldapsearch" would > get, > both in the OpenLDAP and the OID scenario. > > So the new question is why this second sequence > > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Created seed map > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Adding attribute 'username' > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Constructed LDAP search > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Generated query builder > [org.ldaptive.SearchOperation] - execute request > [org.ldaptive.SearchOperation] - execute response <=== Shows only four attrs > [org.jasig.cas.persondir.LdapPersonAttributeDao] - Converted ldap DN >
Check the ACLs on your Oracle LDAP, sounds like it's configured to only return those attributes. --Daniel Fisher -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user