9:43 a.m.
Hi,
I'm trying to pre-configure a SAML 2.0 SP/Client in a realm with the
upload of its metadata in XML format. The metadata I have currently tells
that it wants the e-mail address as the NameIdFormat:
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
After uploading the metadata, the Name ID Format attribute is set to
"username" which seems to be the default value.
Tested with 1.8.0 and 1.9.1
Is this the expected/desired behavior or this is something that Keycloak
could extract?
Thank you,
Gabriel
--
Gabriel Lavoie
glavoie(a)gmail.com
12:52 p.m.
You imported a SAML SP metadata XML file into the admin console? IIRC, I
didn't populate this because multiple nameID formats are allowed to be
specified. Guess I should just pick one at least.
On 3/25/2016 10:43 AM, Gabriel Lavoie wrote:
Hi,
I'm trying to pre-configure a SAML 2.0 SP/Client in a realm with
the upload of its metadata in XML format. The metadata I have
currently tells that it wants the e-mail address as the NameIdFormat:
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
After uploading the metadata, the Name ID Format attribute is set to
"username" which seems to be the default value.
Tested with 1.8.0 and 1.9.1
Is this the expected/desired behavior or this is something that
Keycloak could extract?
Thank you,
Gabriel
--
Gabriel Lavoie
glavoie(a)gmail.com <mailto:glavoie@gmail.com>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
2:02 p.m.
I did it through both the admin console and the
RealmResource.convertClientDescription(<xml SP metadata>) API to retrieve a
ClientRepresentation object with the same result.
As I see, in the UI, the "email", "transient" and
"persistent" formats
could be auto-detected. A fallback to "username" if the value isn't
recognized would be an acceptable behavior.
Gabriel
2016-03-25 13:52 GMT-04:00 Bill Burke <bburke(a)redhat.com>:
You imported a SAML SP metadata XML file into the admin console?
IIRC, I
didn't populate this because multiple nameID formats are allowed to be
specified. Guess I should just pick one at least.
On 3/25/2016 10:43 AM, Gabriel Lavoie wrote:
Hi,
I'm trying to pre-configure a SAML 2.0 SP/Client in a realm with the
upload of its metadata in XML format. The metadata I have currently tells
that it wants the e-mail address as the NameIdFormat:
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
After uploading the metadata, the Name ID Format attribute is set to
"username" which seems to be the default value.
Tested with 1.8.0 and 1.9.1
Is this the expected/desired behavior or this is something that Keycloak
could extract?
Thank you,
Gabriel
--
Gabriel Lavoie
glavoie(a)gmail.com
_______________________________________________
keycloak-user mailing
listkeycloak-user@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hathttp://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Gabriel Lavoie
glavoie(a)gmail.com
1:40 p.m.
Just fixed this in branch 1.9.x and master now. Will be in next release.
On 3/25/2016 3:02 PM, Gabriel Lavoie wrote:
I did it through both the admin console and the
RealmResource.convertClientDescription(<xml SP metadata>) API to
retrieve a ClientRepresentation object with the same result.
As I see, in the UI, the "email", "transient" and
"persistent" formats
could be auto-detected. A fallback to "username" if the value isn't
recognized would be an acceptable behavior.
Gabriel
2016-03-25 13:52 GMT-04:00 Bill Burke <bburke(a)redhat.com
<mailto:bburke@redhat.com>>:
You imported a SAML SP metadata XML file into the admin console?
IIRC, I didn't populate this because multiple nameID formats are
allowed to be specified. Guess I should just pick one at least.
On 3/25/2016 10:43 AM, Gabriel Lavoie wrote:
> Hi,
> I'm trying to pre-configure a SAML 2.0 SP/Client in a realm
> with the upload of its metadata in XML format. The metadata I
> have currently tells that it wants the e-mail address as the
> NameIdFormat:
>
>
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
>
> After uploading the metadata, the Name ID Format attribute is set
> to "username" which seems to be the default value.
>
> Tested with 1.8.0 and 1.9.1
>
> Is this the expected/desired behavior or this is something that
> Keycloak could extract?
>
> Thank you,
>
> Gabriel
>
> --
> Gabriel Lavoie
> glavoie(a)gmail.com <mailto:glavoie@gmail.com>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
> https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org>
https://lists.jboss.org/mailman/listinfo/keycloak-user
--
Gabriel Lavoie
glavoie(a)gmail.com <mailto:glavoie@gmail.com>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
3208
days inactive
3211
days old
3 comments
2 participants
participants (2)
-
Bill Burke -
Gabriel Lavoie