[keycloak-user] Shibboleth IdP configuration issues with Keycloak as SP
robinfernandes .
robin1233 at gmail.com
Mon Jun 6 13:18:10 EDT 2016
Hi All,
We have a situation where the customer is using Shibboleth IdP and sending
the NAMEID in the transient format to Keycloak which acts as an SP.
However, we use one of the SAML attributes which is email to store that as
the username for the user.
However, after the first login, all subsequent logins fail with the error
"User with username already exists." I presume that this is because the
NAMEID which is transient is associated with that user somehow, and since
it is transient it is not able to associate that user correctly even though
we use email as the username?
Any insights on this would be helpful.
Thanks,
Robin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/2475e15a/attachment.html
More information about the keycloak-user
mailing list