Hello,

I am trying to configure a kc-saml IdP broker for an external IdP. The logout request from the
external IdP to the SAML broker unfortunately does not contain a NameID, and therefore
org.keycloak.dom.saml.v2.protocol.LogoutRequestType.getNameID() returns null in
org.keycloak.broker.saml.SAMLEndpoint. This leads to a NullPointerException being thrown.

There is a requirement for us to support nameid-format:unspecified, since USERID is
delivered via a SAML attribute. I configured this in the IdP configuration, but it seems that
setting nameid-format to unspecified has no effect (does this also default to
persistent?). Am I mixing up these things? Is there a workaround for this issue?

I hope someone can help me or at least answer me this time.

Regards,
Manuel Waltschek BSc.
+43 660 86655 47
manuel.waltschek@prisma-solutions.at
https://www.prisma-solutions.com
PRISMA solutions EDV-Dienstleistungen GmbH
Klostergasse 18, 2340 Mödling, Austria
Firmenbuch: FN 239449 g, Landesgericht Wiener Neustadt
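
One way to confirm what the external IdP actually sends is to decode a captured SAMLRequest and check whether the LogoutRequest carries any of the subject identifiers the SAML 2.0 schema requires (BaseID, NameID or EncryptedID). This is an added example, not part of the original message and not Keycloak code; the function names, issuer URL and sample XML are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
SUBJECT_IDS = ("BaseID", "NameID", "EncryptedID")  # schema requires one of these

# Constructed sample: LogoutRequest carrying a SessionIndex but no NameID.
SAMPLE_NO_NAMEID = b"""<samlp:LogoutRequest
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed1" Version="2.0" IssueInstant="2019-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <samlp:SessionIndex>constructed-session-1</samlp:SessionIndex>
</samlp:LogoutRequest>"""


def decode_saml_request(value: str, binding: str) -> bytes:
    """Decode a SAMLRequest parameter (already URL-decoded)."""
    raw = base64.b64decode(value)
    if binding == "redirect":
        return zlib.decompress(raw, -15)  # raw DEFLATE, no zlib header
    if binding == "post":
        return raw
    raise ValueError(f"unknown binding: {binding}")


def inspect_logout_request(xml_bytes: bytes) -> dict:
    """Report which subject identifier a LogoutRequest carries, if any."""
    # SAML messages never need a DTD; reject one before handing bytes to the parser.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD found; refusing to parse")
    root = ET.fromstring(xml_bytes)
    if root.tag != SAMLP + "LogoutRequest":
        raise ValueError(f"not a LogoutRequest: {root.tag}")
    found = [n for n in SUBJECT_IDS if root.find(SAML + n) is not None]
    name_id = root.find(SAML + "NameID")
    return {
        "issuer": root.findtext(SAML + "Issuer"),
        "subject_ids": found,  # empty list: the case described in the message
        "name_id_format": None if name_id is None else name_id.get("Format"),
        "session_indexes": [e.text for e in root.findall(SAMLP + "SessionIndex")],
    }


if __name__ == "__main__":
    print(inspect_logout_request(SAMPLE_NO_NAMEID))
```

An empty `subject_ids` list means the request omits the identifier on the IdP side, independent of the NameID format configured in the broker.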