Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-134954

SP side attribute mapping is highjacked by hidden mapping

    Details

    • Fix Priority:
      4
    • Sprint:
      AppSec Iteration 68, AppSec Iteration 69, AppSec Iteration 70, AppSec Iteration 71, AppSec Iteration 72, AppSec Iteration 73, AppSec Iteration 74, AppSec Iteration 75, AppSec Iteration 76, AppSec Iteration 77, AppSec Iteration 78, AppSec Iteration 79, AppSec Iteration 80, AppSec Iteration 81, AppSec Iteration 82, AppSec Iteration 83, AppSec Iteration 84, AppSec Iteration 85, AppSec Iteration 86

      Description

      Requirement:

      • Have an already working SAML link between an IdP and an SP, with a user present in both!

      Scenario 1:
      Steps to reproduce:

      1. On IdP side navigate to Service Provider Connections and in the existing SP link, enter firstName as an Attribute and click on Save
      2. On SP side navigate to Identity Provider Connections and in the existing IdP link, delete any existing mapping, there should be 0.
      3. On IdP side change the first name of the already registered user.
      4. Log into SP using the credentials of said user.

      Actual result:
      First name of the user gets updated in SP
      Expected result:
      First name of the user should remain unchanged in SP
      First name of the user gets updated in SP (new expected behavior after the changes)

      Scenario 2:
      Steps to reproduce:

      1. On IdP side navigate to Service Provider Connections and in the existing SP link, enter firstName and jobTitle as an Attribute and click on Save
      2. On SP side navigate to Identity Provider Connections and in the existing IdP link, create the following mapping: User Field Expression should be firstName and SAML Attribute should be jobTitle
      3. On IdP side add job title for the user
      4. Log into SP using the credentials of said user.

      Actual result:
      First name of the user remains unchanged in SP
      Expected result:
      In the SP the first name of the user should change to whatever was given as job title in IdP

      Reproduced on:
      Tomcat 9.0.43 + MySQL 8.0.25 | Portal master DXP GIT ID: fa392694486a70c3eb29f5e2d47ea7f1d01480f4

      cc:Zsigmond Rab

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              brian.chan Brian Chan
              Reporter:
              ferenc.onodi Ferenc Onodi (Inactive)
              Participants of an Issue:
              Recent user:
              Brian Wulbern
              Engineering Assignee:
              Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                13 weeks, 6 days ago

                  Packages

                  Version Package
                  Master