Troubles with idp.authn.LDAP.returnAttributes property

Peter Schober peter.schober at
Thu Oct 3 11:22:05 EDT 2019

* Guillaume Rousse <guillaume.rousse at> [2019-10-03 15:39]:
> According to my understanding of (Spring|Velocity|whatever templating system
> used) syntax, this should result in a default value of "1.1" for the value
> attribute, as the idp.authn.LDAP.returnAttribute property is undefined. And
> according to the documentation (,
> it should result in no attribute fetching at all.

The above documentation doesn't have a "Default" column so maybe it
doesn't specify the default values the IDP would use if none are
But even then a default would only apply if the property wasn't set,
but you did set it, only to empty value?

I may still be misunderstanding this but AFAICT it works as desiged:
You told the IDP to get everything by setting the property to nothing,
That's LDAP search request attribtues for you.


More information about the users mailing list