[keycloak-user] Shibboleth IdP configuration issues with Keycloak as SP

Thomas Darimont thomas.darimont at googlemail.com
Mon Jun 6 13:22:05 EDT 2016


Hello Robin,

do you have an example configuration for Shibboleth + Keycloak at hand?

Cheers,
Thomas

2016-06-06 19:18 GMT+02:00 robinfernandes . <robin1233 at gmail.com>:

> Hi All,
>
> We have a situation where the customer is using Shibboleth IdP and sending
> the NAMEID in the transient format to Keycloak which acts as an SP.
> However, we use one of the SAML attributes which is email to store that as
> the username for the user.
>
> However, after the first login, all subsequent logins fail with the error
> "User with username already exists." I presume that this is because the
> NAMEID which is transient is associated with that user somehow, and since
> it is transient it is not able to associate that user correctly even though
> we use email as the username?
>
> Any insights on this would be helpful.
>
> Thanks,
> Robin
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160606/eb895090/attachment-0001.html 


More information about the keycloak-user mailing list