Details
-
Bug
-
Status: Verified
-
Resolution: Unresolved
-
Master
-
None
-
- 7.4-known-issues
- liferay-ga1-dxp-7413
- liferay-ga10-ce-743
- liferay-ga11-ce-743
- liferay-ga12-ce-743
- liferay-ga13-ce-743-known-issue
- liferay-ga14-ce-743-known-issues
- liferay-ga4-ce-743
- liferay-ga5-ce-743
- liferay-ga6-ce-743
- liferay-ga7-ce-743
- liferay-ga8-ce-743
- liferay-ga9-ce-743
- liferay-u1-dxp-7413
- liferay-u2-dxp-7413
-
3
-
Security
Description
Requirement:
Have an already working SAML link between an IdP and an SP, with a user present in both! The user should have no middle name.
Steps to reproduce:
- IdP should not send firstName
- On SP side set up the following mapping: User Field Expression is firstName, SAML Attribute is middleName
- Try to log in with the user
Actual result:
User is denied access, gets redirected to SP landing page with warning pop-up.
2021-07-05 14:42:45.600 ERROR [http-nio-8080-exec-5][WebSsoProfileImpl:219] Contacts must have a first name
Expected result:
Either user can log in with updated first name, or mapping mandatory field with optional should not be possible
Reproduced on:
Tomcat 9.0.43 + MySQL 8.0.25 | Portal master DXP GIT ID: 7e3babbae667ec5d49fe640b567580168a24ca80
cc:gabor.lovas
Attachments
Issue Links
- Discovered while testing
-
LPS-105169 As an Instance Administrator, I want to configure the user profile attributes that can be updated from the SAML assertion when a user logs into the system
-
- Closed
-