New CAS metadata support in 3.4

Paul B. Henson henson at
Mon Nov 26 21:31:36 EST 2018

On Mon, Nov 26, 2018 at 06:20:08PM -0800, Paul B. Henson wrote:

> metadata instead... To clarify, is this how it's supposed to work?
> Intuitively I expected the release policy to match on the defined
> exact entityid.

As I continue my journey of discovery :), I came across the new
AffiliationDescriptor support in 3.4 and thought perhaps that could be
used to make my existing 3.3 CAS release policy config work, so I added:

<AffiliationDescriptor affiliationOwnerID="">

to my test metadata and updated my release policy to include the new
checkAffiliations parameter:

<AttributeFilterPolicy id="cas-cppEduPersonAffiliation">
    <PolicyRequirementRule xsi:type="InEntityGroup"
    groupID="cas-cppEduPersonAffiliation" checkAffiliations="true" /

   <AttributeRule permitAny="true" attributeID="cppEduPersonAffiliation" />

However, the policy doesn't seem to be activated when I make a request?

2018-11-26 18:26:21,396 - - DEBUG
ibuteFilterPolicy:128] - Attribute Filter Policy
'cas-cppEduPersonAffiliation'  Checking if attribute filter policy is
2018-11-26 18:26:21,396 - - DEBUG
ibuteFilterPolicy:137] - Attribute Filter Policy
'cas-cppEduPersonAffiliation'  Policy is not active for this request

Paul B. Henson  |  (909) 979-6361  |
Operating Systems and Network Analyst  |  henson at
California State Polytechnic University  |  Pomona CA 91768

More information about the users mailing list