Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-133386

Unsupported SAML attribute mapping could be selected for User Matching by Instance Administrators

    Details

      Description

      Summary
      Currently, In the backend we only support matching on emailAddress, screenName and UUID, when LDAP import is disabled.
      However, the UI didn't stop us to select other, non-supported fields for User Matching

      Reproduction Steps (as described in LPS-133090 / TC-5 )

      1. Execute test steps in LPS-133090, Test Case 5
      2. Check tomcat error logs after the unsuccessful login

      Actual results
      Using fields which are not supported for User Matching at the back end cause the following error log in to the console:

      2021-06-01 15:20:33.514 DEBUG [http-nio-8080-exec-12][WebSsoProfileImpl:809] SAML authenticated user [email protected]
      2021-06-01 15:20:33.515 DEBUG [http-nio-8080-exec-12][DefaultUserResolver:80] Resolving user with name ID format urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress and value [email protected]
      2021-06-01 15:20:33.516 DEBUG [http-nio-8080-exec-12][AttributeUserFieldExpressionResolver:72] Resolving user with user field expression: screenName
      2021-06-01 15:20:33.516 DEBUG [http-nio-8080-exec-12][DefaultUserResolver:263] User identifier expression is mapped to SAML attribute value "tom.cat"
      2021-06-01 15:20:33.532 DEBUG [http-nio-8080-exec-12][DefaultUserResolver:386] Updating user 44233 with attributes map {firstName=[Tom], lastName=[Cat _ IDP2], emailAddress=[[email protected]], screenName=[tom.cat], uuid=[5f52436e-0479-f6ce-ea38-a7e975beeee6]}
      

      Expected results
      We should prevent the Instance administrators to mark fields which are not supported by backed, to use them as User Matching fields.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              gabor.lovas Gábor Lovas
              Reporter:
              gabor.lovas Gábor Lovas
              Participants of an Issue:
              Recent user:
              Sophia Zhang
              Engineering Assignee:
              Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                24 weeks ago

                  Packages

                  Version Package
                  7.4.2 CE GA3 DXP 7,4
                  7.4.13 DXP GA1
                  Master