WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
Attribute Release Policy - Return MultiMapped
The same policy may allow attribute definitions to be renamed and remapped to multiple attribute names, with duplicate attribute values mapped to different names.
For example, the following configuration will recognize the resolved attribute eduPersonAffiliation and will then
release affiliation and personAffiliation whose values stem from the original eduPersonAffiliation attribute
while groupMembership is released as group. In other words, the eduPersonAffiliation attribute is
released twice under two different names each sharing the same value.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
{
"@class" : "org.apereo.cas.services.CasRegisteredService",
"serviceId" : "sample",
"name" : "sample",
"id" : 300,
"attributeReleasePolicy" : {
"@class" : "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
"allowedAttributes" : {
"@class" : "java.util.TreeMap",
"eduPersonAffiliation" : [ "java.util.ArrayList", [ "affiliation", "personAffiliation" ] ],
"groupMembership" : "group"
}
}
}
Attributes authorized and allowed for release by this policy may not necessarily be available as resolved principal attributes and can be resolved on the fly dynamically using the attribute definition store.