Troubles with idp.authn.LDAP.returnAttributes property
Peter Schober
peter.schober at univie.ac.at
Thu Oct 3 11:22:05 EDT 2019
* Guillaume Rousse <guillaume.rousse at renater.fr> [2019-10-03 15:39]:
> According to my understanding of (Spring|Velocity|whatever templating system
> used) syntax, this should result in a default value of "1.1" for the value
> attribute, as the idp.authn.LDAP.returnAttribute property is undefined. And
> according to the documentation (https://wiki.shibboleth.net/confluence/display/IDP30/LDAPAuthnConfiguration),
> it should result in no attribute fetching at all.
The above documentation doesn't have a "Default" column so maybe it
doesn't specify the default values the IDP would use if none are
configured?
But even then a default would only apply if the property wasn't set,
but you did set it, only to empty value?
I may still be misunderstanding this but AFAICT it works as desiged:
You told the IDP to get everything by setting the property to nothing,
That's LDAP search request attribtues for you.
-peter
More information about the users
mailing list