Troubles with idp.authn.LDAP.returnAttributes property
cantor.2 at osu.edu
Thu Oct 3 11:52:43 EDT 2019
On 10/3/19, 11:22 AM, "users on behalf of Peter Schober" <users-bounces at shibboleth.net on behalf of peter.schober at univie.ac.at> wrote:
> But even then a default would only apply if the property wasn't set,
> but you did set it, only to empty value?
> I may still be misunderstanding this but AFAICT it works as desiged:
> You told the IDP to get everything by setting the property to nothing,
> That's LDAP search request attribtues for you.
That's it in a nutshell. The "default" is 1.1, which, ok, that's a weird thing but apparently part of the standard, so that's just me confused. But setting it to empty will override that default and will do the empty string thing, thus you get everything. So working as designed, yes. It would be tricky to add a warning, though not impossible.
More information about the users