From 3e7073f106dba0b97484935347b94b1c11db9b81 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sat, 3 Apr 2021 20:47:55 +0000 Subject: [PATCH] feat(3p/apereo-cas): add the LDAP DN to the list of attributes Panettone currently uses the LDAP DN as the user key, so we collect it here so that we can later make sure its exposed to Panettone. Change-Id: Ia2048cb479a2afe6fe9f47181115ae7ec13dedf3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2811 Tested-by: BuildkiteCI Reviewed-by: tazjin Reviewed-by: glittershark --- .../apereo-cas/overlay/etc/cas/config/cas.properties | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties index b2a091b8d..f783ad086 100644 --- a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties +++ b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties @@ -22,10 +22,12 @@ cas.authn.saml-idp.entity-id=https://login.tvl.fyi cas.authn.accept.users= -cas.authn.attribute-repository.default-attributes-to-release=uid,mail,displayName +cas.authn.attribute-repository.default-attributes-to-release=uid,mail,displayName,username,principalLdapDn cas.authn.ldap[0].pool-passivator=NONE -cas.authn.ldap[0].principal-attribute-list=cn:uid,mail,displayName +cas.authn.ldap[0].principal-attribute-list=cn:uid,mail,displayName,cn:username +cas.authn.ldap[0].collect-dn-attribute=true +cas.authn.ldap[0].principal-dn-attribute-name=principalLdapDn cas.authn.ldap[0].ldap-url=ldap://localhost cas.authn.ldap[0].use-start-tls=false cas.authn.ldap[0].validator.base-dn=dc=tvl,dc=fyi