User attribute mangling

Description

We're using CAS with X509 + LDAP login/password authentication against a Windows 2008R2 AD. Attribute releasing through SAML is working fine but it would be nice for client applications that some of the released attributes got mangled before.

For example, group membership is provided as :

  • CN=Group 1, OU=Groups, DC=example, DC=com

  • CN=Group 2, OU=Groups, DC=example, DC=com

  • CN=Group 3, OU=Groups, DC=example, DC=com

It would be more application friendly if it was provided as :

  • Group 1

  • Group 2

  • Group 3

Environment

Linux CentOS 5.7 / JDK 1.6.0 / Tomcat 6.0.x

Status

Assignee

Misagh Moayyed

Reporter

Philippe Marasse

Labels

Estimated End Date

None

Audience

None

Fix versions

Affects versions

3.4.11

Priority

Minor