  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-48205

SAML plugin should use friendlyName of attributes

    Details

      Description

      Hello,

      the saml 6.2.10.3 plugin uses name key instead of using the friendlyName for mapping:

      #saml.sp.user.attribute.mappings=screenName=screenName\nemailAddress=mail\nfirstName=givenName\nlastName=sn
      saml.sp.user.attribute.mappings=screenName=http://liferay.com/screenName\nemailAddress=urn:oid:0.9.2342.19200300.100.1.3\nfirstName=urn:oid:2.5.4.42\nlastName=urn:oid:2.5.4.4

      I believe it would be better to use the friendlyName, since it is the scoped value while the name is used to carry the global formal name of the value when parsing the SAML response, e.g.:

      <saml2:Attribute FriendlyName="mail"
                       Name="urn:oid:0.9.2342.19200300.100.1.3"
                       NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                              xsi:type="xs:string">tamas.szerb@msci.com</saml2:AttributeValue>
      </saml2:Attribute>

      see also: https://www.incommon.org/federation/attributesummary.html

      Thanks,

      Tamas
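
An added example, not part of the original report and not the Liferay plugin's code: a resolver for the `saml.sp.user.attribute.mappings` format shown above that looks each attribute up by `Name` first and accepts a `FriendlyName` match only when it is unique in the statement, because SAML 2.0 Core states that FriendlyName must not be used as a basis for formally identifying an attribute. The function names and the sample statement are constructed for illustration, and the code assumes the assertion's signature has already been verified.

```python
import xml.etree.ElementTree as ET

SAML2 = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Mapping values as posted in the issue (the properties file holds a literal "\n").
BY_NAME = ("screenName=http://liferay.com/screenName\\n"
           "emailAddress=urn:oid:0.9.2342.19200300.100.1.3\\n"
           "firstName=urn:oid:2.5.4.42\\nlastName=urn:oid:2.5.4.4")
BY_FRIENDLY = "screenName=screenName\\nemailAddress=mail\\nfirstName=givenName\\nlastName=sn"

# Constructed sample statement; the values are placeholders.
SAMPLE = """<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:Attribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3">
    <saml2:AttributeValue>user@example.org</saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4">
    <saml2:AttributeValue>Doe</saml2:AttributeValue></saml2:Attribute>
</saml2:AttributeStatement>"""


def parse_mappings(prop):
    """Split 'field=attr\\nfield=attr' on the first '=' of each entry."""
    entries = prop.replace("\\n", "\n").splitlines()
    pairs = (entry.split("=", 1) for entry in entries if "=" in entry)
    return {field.strip(): attr.strip() for field, attr in pairs}


def resolve(statement_xml, prop):
    """Return {field: value}; Name wins, FriendlyName is used only if unique."""
    by_name, by_friendly = {}, {}
    # Use a hardened XML parser for input that has not been validated yet.
    for attr in ET.fromstring(statement_xml).iter(SAML2 + "Attribute"):
        value = attr.findtext(SAML2 + "AttributeValue", default="").strip()
        by_name[attr.get("Name")] = value
        if attr.get("FriendlyName"):
            by_friendly.setdefault(attr.get("FriendlyName"), []).append(value)
    user = {}
    for field, key in parse_mappings(prop).items():
        if key in by_name:
            user[field] = by_name[key]
        elif len(by_friendly.get(key, [])) == 1:
            user[field] = by_friendly[key][0]
        elif key in by_friendly:
            # Two attributes share this FriendlyName: refuse to guess.
            raise ValueError(f"FriendlyName {key!r} is ambiguous; map by Name")
    return user
```
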

        People

        • Votes: 1
        • Watchers: 5

        Dates

        • Days since last comment: 4 years, 42 weeks, 4 days ago

                Packages

                Version Package
                6.1.X EE
                6.2.X EE
                7.0.0 M4