Does SAML plugin support custom attributes ?

掲示板

10年前に Ashish Gupta によって更新されました。

Does SAML plugin support custom attributes ?

New Member 投稿: 4 参加年月日: 13/09/17 最新の投稿

I have configured 2 Liferay instances, one as IdP and another as SP. I am able to successfully test sso between the 2. Now I'm trying to send user custom fields from IdP to SP and while I'm able to send the custom fields from IdP (I verified the sent SAML) These custom fields are not being processed on SP side. Below are the relevant portal-ext properties.

IdP :
saml.idp.metadata.attribute.names[liferaysamlspdemo]=screenName,firstName,lastName,emailAddress,expando:ucstxt,expando:crcinfo,comments,uuid

SP :
saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nexpando:ucstxt=ucstxt\nexpando:crcinfo=crcinfo\ncomments=comments

Has anyone else tried and able to successfully map custom attributes on SP side ?
Is it even possible with the current version of the plugin?

10年前に Mika Koivisto によって更新されました。

RE: Does SAML plugin support custom attributes ?

Liferay Legend 投稿: 1519 参加年月日: 06/08/07 最新の投稿

For SP the expando attribute name actually comes without expando: now this might cause conflicts with attribute names so later versions we've added namespacing to all attribute names while also retaining ability to use non namespaced attributes for backwards compatibility.

10年前に Ash Gupta によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 4 参加年月日: 13/09/17 最新の投稿

Hi Mika,
So does that mean i should remove references to expando: from my sp attributes mapping, so it should be like below ?

I also noticed that the "comments" field (not an expando) is also not flowing through to SP. That may be a bug/missing behavior ?

SP :
saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nucstxt=ucstxt\ncrcinfo=crcinfo\ncomments=comments

Thanks the looking into this.

Ash

10年前に Ash Gupta によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 4 参加年月日: 13/09/17 最新の投稿

Mika Koivisto:

For SP the expando attribute name actually comes without expando: now this might cause conflicts with attribute names so later versions we've added namespacing to all attribute names while also retaining ability to use non namespaced attributes for backwards compatibility.

Hi Mika,

Changed my sp attributes mapping to below, removing expando: with no change in behavior, custom user attributes are still not getting in on SP side.

saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=emailAddress\nfirstName=firstName\nlastName=lastName\nucstxt=ucstxt\ncrcinfo=crcinfo\ncomments=comments

Ash

10年前に Mika Koivisto によって更新されました。

RE: Does SAML plugin support custom attributes ?

Liferay Legend 投稿: 1519 参加年月日: 06/08/07 最新の投稿

Ah sorry didn't read carefully enough how you were mapping. The SP attribute mapping only supports following attributes to be mapped: screenName, emailAddress, firstName, lastName, uuid. Mappings to any other attributes will simply go ignored. Expanded support for mapping is in the roadmap.

10年前に Ash Gupta によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 4 参加年月日: 13/09/17 最新の投稿

Hi Mika,
Thanks for the confirmation. Is there a liferay IDE support project for the saml plugin that I can download and extend to support custom attribute?

regards
Ash

9年前に Montoo Garg によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 1 参加年月日: 15/04/08 最新の投稿

Hi Mika,

i am looking for mapping additional attributes apart from screenName, emailAddress, firstName, lastName, uuid. Could you please check if this is already implemented in the current version of SAML Plugin?

Thanks,
Montoo Garg

8年前に Amarendar Pashya によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 1 参加年月日: 15/01/28 最新の投稿

Hi Mika,

I am looking for a similar feature too. We have a set of roles being sent from the IDP through SAML along with other details. We want to assign those roles to the user when the user login for the first time to the portal.

Thanks
Amar

8年前に Thierry Dagnino によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 9 参加年月日: 12/07/27 最新の投稿

Hello Mika and everyone else,

did anyone get a reply on this. We also need to use other custom attributes . How do we do it ?
We are on liferay 6.1.2.
We need to send custom data through the SAML attributes.

Thank you.

6年前に Naresh Reddy Kallamadi によって更新されました。

RE: Does SAML plugin support custom attributes ?

Regular Member 投稿: 120 参加年月日: 14/07/09 最新の投稿

Hi Amarendar Pashya,

I too have similar scenario where I am trying to assign role to user which are from IDP. Did you have any solution for this?

Thanks,
Naresh Kallamadi.

8年前に Thierry Dagnino によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 9 参加年月日: 12/07/27 最新の投稿

Hello,

I've set saml.idp.metadata.attribute.names=expando:customfield1,emailAddress and get only the customfiel1 in the saml attributes sent over by IDP.

I always only get the first attribute name in the list.

Is there a special way to separate the attribute names in the file ?

Thanks.

8年前に Anderson Marques によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 1 参加年月日: 14/09/14 最新の投稿

Hello everyone,

Please @Mika or someone could help with custom attributes?
Is possible do that on the current SAML plugin version. Could you help me please?

Thanks in advance,
Anderson

7年前に Felix Gonzalez de Santos によって更新されました。

RE: Does SAML plugin support custom attributes ?

New Member 投稿: 5 参加年月日: 11/02/12 最新の投稿

Hello all,
We need the same functionality for roles, anyone has more info about that?

Regards