Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-140307

Cannot match LDAP users on UUID attribute

    Details

      Description

      1. Create two virtual portal instances, for IDP and SP roles
        Basic configuration according to https://grow.liferay.com/people/User+import+in+SP+from+IdP+after+SAML+configuration+for+DXP+7.1
        1. But replace all the "attributes" that are sent by the IDP with "uuid" only
        2. And on the SP, for "User Resolution" select "Match Using a Specific SAML Attribute Mapping" and then add an "Attribute Mapping" for the User Field Expression "UUID". Enter "uuid" for its "SAML Attribute". Then select this mapping's "Use to Match Users" radio button
      2. On the SP, set DEBUG level logging for com.liferay.saml.opensaml.integration.internal.resolver.DefaultUserResolver
      3. Connect both virtual portal instances to the same LDAP directory
        1. Ensure the "UUID" field is mapped to a sensible field on both. OpenLDAP has a "uid" attiribute for this for example
        2. On the SP & IDP enable import
        3. On the IDP enable export
      4. On the IDP create a new user. This user should then be exported to the LDAP directory
      5. On the SP, initiate a SSO
      6. Authenticate on the IDP as this new user

       Expected result: In the system log it prints a message like "Matched and imported LDAP user"
       Actual result: No log message. The SSO fails because after failing to match the LDAP user the SP tries to provision a user using only the SAML attributes provided by the IDP which is incomplete

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              ferenc.onodi Ferenc Onodi
              Reporter:
              stian.sigvartsen Stian Sigvartsen
              Participants of an Issue:
              Recent user:
              Sophia Zhang
              Engineering Assignee:
              Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                7 weeks, 3 days ago

                  Packages

                  Version Package
                  7.4.13 DXP GA1
                  7.4.3.4 CE GA4
                  Master