Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-140307

Cannot match LDAP users on UUID attribute

Details

    Description

      1. Create two virtual portal instances, for IDP and SP roles
        Basic configuration according to https://grow.liferay.com/people/User+import+in+SP+from+IdP+after+SAML+configuration+for+DXP+7.1
        1. But replace all the "attributes" that are sent by the IDP with "uuid" only
        2. And on the SP, for "User Resolution" select "Match Using a Specific SAML Attribute Mapping" and then add an "Attribute Mapping" for the User Field Expression "UUID". Enter "uuid" for its "SAML Attribute". Then select this mapping's "Use to Match Users" radio button
      2. On the SP, set DEBUG level logging for com.liferay.saml.opensaml.integration.internal.resolver.DefaultUserResolver
      3. Connect both virtual portal instances to the same LDAP directory
        1. Ensure the "UUID" field is mapped to a sensible field on both. OpenLDAP has a "uid" attiribute for this for example
        2. On the SP & IDP enable import
        3. On the IDP enable export
      4. On the IDP create a new user. This user should then be exported to the LDAP directory
      5. On the SP, initiate a SSO
      6. Authenticate on the IDP as this new user

       Expected result: In the system log it prints a message like "Matched and imported LDAP user"
       Actual result: No log message. The SSO fails because after failing to match the LDAP user the SP tries to provision a user using only the SAML attributes provided by the IDP which is incomplete

      Attachments

        Issue Links

          Activity

            People

              ferenc.onodi Ferenc Onodi (Inactive)
              stian.sigvartsen Stian Sigvartsen
              Kiyoshi Lee Kiyoshi Lee
              Stian Sigvartsen Stian Sigvartsen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                1 year, 8 weeks, 5 days ago

                Packages

                  Version Package
                  7.4.13 DXP GA1
                  7.4.3.4 CE GA4
                  Master