[keycloak-dev] Accessing SAML Request attributes in Authenticaors

Muein Muzamil shmuein+keycloak-dev at gmail.com
Wed Sep 21 20:22:03 EDT 2016 

Hi all,

This is a feature we need for some SP integrations, so if we don't support
this feature that is ok. We can probably implement this and generate a pull
request for this. But can someone please share some feedback how this
should be implemented.

Thanks in advance for your feedback on this.

Regards,
Muein

On Thu, Sep 15, 2016 at 10:05 AM, Muein Muzamil <
shmuein+keycloak-dev at gmail.com> wrote:

> Hi all,
>
> Not sure if my question was clear enough, feel free to ask for
> clarifications if needed.
>
> I will really appreciate some response on this.
>
> Best regards,
> Muein
>
> On Tue, Sep 13, 2016 at 10:29 AM, Muein Muzamil <
> shmuein+keycloak-dev at gmail.com> wrote:
>
>> Hi all,
>>
>> Any pointers to this? I was looking at the SAMLAuthNRequestParser class
>> and it seems we are parsing the subject from the incoming request. Now the
>> question is how can I access it in my custom authenticator?
>>
>> else if (JBossSAMLConstants.SUBJECT.get().equals(elementName)) {
>>        authnRequest.setSubject(getSubject(xmlEventReader));
>> }
>>
>> Regards,
>> Muein
>>
>> On Fri, Sep 9, 2016 at 3:20 PM, Muein Muzamil <
>> shmuein+keycloak-dev at gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> We are trying to integrate with an SP which sends Subject/NameID in the
>>> Saml Request (copying example below).  I have couple of questions in this
>>> regard
>>>
>>>
>>>    1. In our custom authenticator, we want to access this NameId and
>>>    want to pre-fill username field based on this. Can you please guide me how
>>>    can I do that.
>>>    2. Secondly, I am currently using KeyCloak JBoss Adapter for my
>>>    sample SP, does the SAML Adapter supports sending nameId in SAML request?
>>>
>>> <samlp:AuthnRequest Destination="https://idp.com/i
>>> dp/profile/SAML2/Redirect/SSO" Version="2.0"
>>> IssueInstant="2016-02-24T15:45:55.325Z"
>>> ID="ID112bf5b0e4169930b663f2d89e62c521fc2f1b8133598fa2ff"
>>> xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
>>>
>>> <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>>> http://pingone.com/xxx/640d3755-e080-4a87-8f7f-91795e78c08d</saml:Iss
>>> uer>
>>> <saml:Subject xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
>>> <saml:NameID Format="urn:oasis:names:tc:SAM
>>> L:1.1:nameid-format:unspecified">jdoe at mysecureauthentication.com
>>> </saml:NameID>
>>> </saml:Subject>
>>> </samlp:AuthnRequest>
>>>
>>>
>>> Regards,
>>> Muein
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160921/9fdd1844/attachment.html

More information about the keycloak-dev mailing list