Thank you again for looking. No, I don't have a principleAttributeList
defined for any of my three identity providers.
I also tried setting:
cas.personDirectory.attributeResolutionEnabled: true
cas.personDirectory.activeAttributeRepositoryIds: JDBCAttributeRepository
where
Aaron,
Do you also have an attribute list for the authn definition? like:
cas.authn.ldap[0].principalAttributeList=cn,sn,...
If so, your attributes may be coming from attribute list instead of
attribute-repository. Check you repository settings (and maybe comment out
attribute list).
Cas can
Yes, the attribute repository is cas.authn.attribute-repository.jdbc[0]
It works fine with my cas.authn.ldap[0] and cas.authn.jdbc.search[0]
authentication services, but seems to get skipped when I use the
cas.authn.pac4j.oidc[0].azure authentication service. The attributes I get
back are the
Thank you for looking. Yes, the attributes are defined under
cas.authn.attribute-repository.jdbc[0]... and as long as I use one of the
two non-delegated authentication methods (jdbc or ldap) the properties come
through fine. If I use the Azure AD authentication method, though, the only
Aaron,
Do you have the attribute repository defined with:
cas.authn.attribute-repository. ... properties?
Ray
On Wed, 2023-08-30 at 13:04 -0700, Aaron Chantrill wrote:
Notice: This message was sent from outside the University of Victoria email
system. Please be cautious with links and
I'm trying to use a specific attribute repository after authenticating with
Azure AD as a delegate identity provider.
Authenticating with Azure AD works fine and I can see the attributes, but
really I just want to use the samaccountname attribute to retrieve
attributes from a database.