Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-48205

SAML plugin should use friendlyName of attributes

    Details

      Description

      Hello,

      the saml 6.2.10.3 plugin uses name key instead of using the friendlyName for mapping:

      #saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=mail\nfirstName=givenName\nlastName=sn
      saml.sp.user.attribute.mappings=screenName=http://liferay.com/screenName\nemailAddress=urn:oid:0.9.2342.19200300.100.1.3\nfirstName=urn:oid:2.5.4.42\nlastName=urn:oid:2.5.4.4

      I believe it would be better to use the freidnlyName, since it is the scoped value while the name is used to carry the global formal name of the value when parsing the SAML response, eg.:

      <saml2:Attribute FriendlyName="mail"
      Name="urn:oid:0.9.2342.19200300.100.1.3"
      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
      >
      <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:type="xs:string"
      >tamas.szerb@msci.com</saml2:AttributeValue>
      </saml2:Attribute>

      see also: https://www.incommon.org/federation/attributesummary.html

      Thanks,

      Tamas

        Attachments

          Activity

            People

            Assignee:
            shitian.zhang Shitian "Shelton" Zhang (Inactive)
            Reporter:
            toma Tamas Szerb (Inactive)
            Participants of an Issue:
            Recent user:
            Esther Sanz
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              5 years, 39 weeks, 6 days ago

                Packages

                Version Package
                6.1.X EE
                6.2.X EE
                7.0.0 M4