-
Improvement
-
Resolution: Unresolved
-
Minor
-
Jenkins 1.532.1
The Jenkins LDAP Plugin requests all User attributes. We would like to restrict this attributes to the necessary. E.g. we don't have any user attribute with group names.
Other plugins only request attributes needed, e.g. email, cn and uid.
As far as I can see from my point of view, the LdapTemplate has a list of of attributes for the request. It could be modified before a request is done. Now it is set to NULL which indicates to request all attributes.
LdapTemplate is bound to the AppContext, so it is used for each request. Therefore it should be explicitly set before a request is done. That would be an easy solution. The list of attributes could be given in settings with a default (e.g. uid).
I'm affraid I can't do the change on my own at work ... some resources missing and no chance to create a PR.
This could be done for user and usergroup requests.