[keycloak-user] SAML NameID case issue
Tony Harris
Tony.Harris at oneadvanced.com
Mon Aug 5 06:07:58 EDT 2019
We have a client that when connected to their network internally the SAML NameID parameter comes across in all Uppercase, when they connect VIA their VPN the NameID format is in lowercase, example
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName">DOMAIN\USERNAME</NameID>
<NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName">DOMAIN\username</NameID>
This causes KC to think they are two separate user and complains that a user with the same email address already exists. Is there any setting in Keycloak that I can change or does anyone have any ideas if there is an ADFS seeing that might help.
P.S. This is KC 3.1.0.FInal
Tony
________________________________
Please consider the environment: Think before you print!
This message has been scanned for malware by Websense. www.websense.com
More information about the keycloak-user
mailing list