Intercept Flows and checking raw LDAP attributes

Jeffrey Crawford jeffreyc at
Mon Aug 3 19:57:11 EDT 2015

Jeffrey <jeffreyc at>

Both pilots and IT professionals require training and currency before
charging into clouds!

On Mon, Aug 3, 2015 at 4:28 PM, Cantor, Scott <cantor.2 at> wrote:

> On 8/3/15, 7:27 PM, "Cantor, Scott" <cantor.2 at> wrote:
> (The workaround until then of course being to generate an IdPAttribute in
> the resolver but with no AttributeEncoder attached, and it won't ever
> appear in any assertions whether it's released or not.)
​This works well as long as I add the "fake" attribute to the consent page
Blacklist. Just to be sure even though the attribute shows up in the log,
it doesn't actually transmit because there is no encoder to encode it?

​Thanks for the idea, never occurred to me to define an attribute with no

> -- Scott
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list