scripted attribute def failure

IAM David Bantz dabantz at
Mon May 11 15:22:02 EDT 2015

I'm sure this should be simple but I'm stymied.  I need to release a
username-like attribute that may come from either of two directory
sources.  I'm reliably authenticating against and retrieving attributes
from both directories, including the sAMAccountName from our AD
("uaADLDAP"), and a UASystemID attribute from an Oracle LDAP ("myLDAP").
The script below works as long as there is a record with sAMAccountName in
AD - so the else clause is not triggered - returning sAMAccountName in
uaUsername, but fails to execute the else clause when there is no

ScriptletAttributeDefinition uaUsername unable to execute script

javax.script.ScriptException:  TypeError: UASystemID is
not a function, it is
(<Unknown Source>#15)

<resolver:AttributeDefinition id="uaUsername" xsi:type="Script" xmlns=

        <resolver:Dependency ref="myLDAP" />

        <resolver:Dependency ref="uaADLDAP" />

        <resolver:AttributeEncoder … />

<!-- Script attempts to provide UA Username if AD and/or LDAP return value





        if (uaUsername == null)

             {uaUsername = new BasicAttribute("uaUsername");}

        if (typeof sAMAccountName != "undefined" && sAMAccountName != null
&& sAMAccountName.getValues().size() !=0)

             {  logger.debug("UA AD sAMAccountName Values: " +




            { if (typeof UASystemID != "undefined" && UASystemID != null &&
UASystemID().size() !=0)

                {   logger.debug("Oracle LDAP UASystemID Values: " +







What am I missing?

David Bantz

U Alaska
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list