Foros de discusión

  1. Inicio
  2. Portal
  3. Does SAML plugin support custom attributes ?

Does SAML plugin support custom attributes ?

Ashish Gupta, modificado hace 10 años.

Does SAML plugin support custom attributes ?

New Member Mensajes: 4 Fecha de incorporación: 17/09/13 Mensajes recientes
I have configured 2 Liferay instances, one as IdP and another as SP. I am able to successfully test sso between the 2. Now I'm trying to send user custom fields from IdP to SP and while I'm able to send the custom fields from IdP (I verified the sent SAML) These custom fields are not being processed on SP side. Below are the relevant portal-ext properties.

IdP :
saml.idp.metadata.attribute.names[liferaysamlspdemo]=screenName,firstName,lastName,emailAddress,expando:ucstxt,expando:crcinfo,comments,uuid

SP :
saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nexpando:ucstxt=ucstxt\nexpando:crcinfo=crcinfo\ncomments=comments

Has anyone else tried and able to successfully map custom attributes on SP side ?
Is it even possible with the current version of the plugin?
thumbnail
Mika Koivisto, modificado hace 10 años.

RE: Does SAML plugin support custom attributes ?

Liferay Legend Mensajes: 1519 Fecha de incorporación: 7/08/06 Mensajes recientes
For SP the expando attribute name actually comes without expando: now this might cause conflicts with attribute names so later versions we've added namespacing to all attribute names while also retaining ability to use non namespaced attributes for backwards compatibility.
Ash Gupta, modificado hace 10 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 4 Fecha de incorporación: 17/09/13 Mensajes recientes
Hi Mika,
So does that mean i should remove references to expando: from my sp attributes mapping, so it should be like below ?

I also noticed that the "comments" field (not an expando) is also not flowing through to SP. That may be a bug/missing behavior ?

SP :
saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nucstxt=ucstxt\ncrcinfo=crcinfo\ncomments=comments

Thanks the looking into this.

Ash
Ash Gupta, modificado hace 10 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 4 Fecha de incorporación: 17/09/13 Mensajes recientes
Mika Koivisto:
For SP the expando attribute name actually comes without expando: now this might cause conflicts with attribute names so later versions we've added namespacing to all attribute names while also retaining ability to use non namespaced attributes for backwards compatibility.



Hi Mika,

Changed my sp attributes mapping to below, removing expando: with no change in behavior, custom user attributes are still not getting in on SP side.

saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nucstxt=ucstxt\ncrcinfo=crcinfo\ncomments=comments


Ash
thumbnail
Mika Koivisto, modificado hace 10 años.

RE: Does SAML plugin support custom attributes ?

Liferay Legend Mensajes: 1519 Fecha de incorporación: 7/08/06 Mensajes recientes
Ah sorry didn't read carefully enough how you were mapping. The SP attribute mapping only supports following attributes to be mapped: screenName, emailAddress, firstName, lastName, uuid. Mappings to any other attributes will simply go ignored. Expanded support for mapping is in the roadmap.
Ash Gupta, modificado hace 10 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 4 Fecha de incorporación: 17/09/13 Mensajes recientes
Hi Mika,
Thanks for the confirmation. Is there a liferay IDE support project for the saml plugin that I can download and extend to support custom attribute?

regards
Ash
Montoo Garg, modificado hace 8 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensaje: 1 Fecha de incorporación: 8/04/15 Mensajes recientes
Hi Mika,

i am looking for mapping additional attributes apart from screenName, emailAddress, firstName, lastName, uuid. Could you please check if this is already implemented in the current version of SAML Plugin?

Thanks,
Montoo Garg
Amarendar Pashya, modificado hace 8 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensaje: 1 Fecha de incorporación: 28/01/15 Mensajes recientes
Hi Mika,

I am looking for a similar feature too. We have a set of roles being sent from the IDP through SAML along with other details. We want to assign those roles to the user when the user login for the first time to the portal.

Thanks
Amar
Thierry Dagnino, modificado hace 8 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 9 Fecha de incorporación: 27/07/12 Mensajes recientes
Hello Mika and everyone else,

did anyone get a reply on this. We also need to use other custom attributes . How do we do it ?
We are on liferay 6.1.2.
We need to send custom data through the SAML attributes.

Thank you.
thumbnail
Naresh Reddy Kallamadi, modificado hace 6 años.

RE: Does SAML plugin support custom attributes ?

Regular Member Mensajes: 120 Fecha de incorporación: 9/07/14 Mensajes recientes
Hi Amarendar Pashya,

I too have similar scenario where I am trying to assign role to user which are from IDP. Did you have any solution for this?

Thanks,
Naresh Kallamadi.
Thierry Dagnino, modificado hace 8 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 9 Fecha de incorporación: 27/07/12 Mensajes recientes
Hello,

I've set saml.idp.metadata.attribute.names=expando:customfield1,emailAddress and get only the customfiel1 in the saml attributes sent over by IDP.

I always only get the first attribute name in the list.

Is there a special way to separate the attribute names in the file ?

Thanks.
thumbnail
Anderson Marques, modificado hace 8 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensaje: 1 Fecha de incorporación: 14/09/14 Mensajes recientes
Hello everyone,

Please @Mika or someone could help with custom attributes?
Is possible do that on the current SAML plugin version. Could you help me please?

Thanks in advance,
Anderson
thumbnail
Felix Gonzalez de Santos, modificado hace 7 años.

RE: Does SAML plugin support custom attributes ?

New Member Mensajes: 5 Fecha de incorporación: 12/02/11 Mensajes recientes
Hello all,
We need the same functionality for roles, anyone has more info about that?

Regards