Affects Version/s: 6.5.3
Fix Version/s: 6.5.3
Sprint: AM Sustaining Sprint 77
Needs QA verification: No
Are the reproduction steps defined?: Yes and I used the same as in the description
When creating hosted/remote entities in the Admin console, an attribute mapping specified on the creation page (e.g. mail -> mail) is not saved.
- Deploy two AM instances with embedded config and user store, e.g. http://idp.amtest2.com:9080/access and http://sp.amtest2.com:7080/access
- Log in as amadmin to the IdP, navigate to the top level realm, dashboard.
- Create a hosted Identity Provider. Use a signing cert alias of test, create a COT, idp_test. Specify an attribute mapping of mail -> mail, click add so that this is included in the list, and then click create.
- Repeat for a hosted SP on the SP (no attribute map included when created).
- Then, using the exportmetadata URL (e.g. http://idp.amtest2.com:9080/access/saml2/jsp/exportmetadata.jsp), create a remote IdP on the SP (again no attribute map included on the creation page).
- Repeat on the IdP to create a remote SP and specify the attribute mapping (http://sp.amtest2.com:7080/access/saml2/jsp/exportmetadata.jsp).
- Observe the attribute map values on the Assertion Processing tab of the created entities.
The Assertion Processing attribute maps of the Hosted IdP, Hosted SP and Remote SP entities should include the mail -> mail mapping configured.
No mapping is shown for the Hosted IdP and Hosted SP. This can then cause issues for SAML SSO flows for the mapping of remote to local users.
Add the mappings manually after creating the entities.
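A check for the symptom described above, as an added example that is not part of the original ticket or the product's own code: it reads an entity's extended configuration XML and reports expected attribute mappings that are missing. It assumes the entity has been exported in AM's extended entity configuration format (namespace urn:sun:fm:SAML:2.0:entityconfig, attributeMap values written as name=name); the sample documents and the /idp meta alias are constructed, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
# Assumption: input is an AM extended entity configuration export.
NS = "{urn:sun:fm:SAML:2.0:entityconfig}"
ROLES = ("IDPSSOConfig", "SPSSOConfig")

# Constructed sample: a hosted IdP whose attributeMap was saved empty.
SAMPLE_EMPTY = """<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig"
    hosted="true" entityID="http://idp.amtest2.com:9080/access">
  <IDPSSOConfig metaAlias="/idp">
    <Attribute name="signingCertAlias"><Value>test</Value></Attribute>
    <Attribute name="attributeMap"/>
  </IDPSSOConfig>
</EntityConfig>"""

# Constructed sample: the same entity after the mapping is added manually.
SAMPLE_MAPPED = SAMPLE_EMPTY.replace(
    '<Attribute name="attributeMap"/>',
    '<Attribute name="attributeMap"><Value>mail=mail</Value></Attribute>')


def attribute_maps(extended_xml):
    """Return {role: {left: right}} parsed from each role's attributeMap."""
    root = ET.fromstring(extended_xml)
    result = {}
    for role in ROLES:
        for cfg in root.iter(NS + role):
            mapping = {}
            for attr in cfg.findall(NS + "Attribute"):
                if attr.get("name") != "attributeMap":
                    continue
                for value in attr.findall(NS + "Value"):
                    text = (value.text or "").strip()
                    if "=" in text:
                        left, right = text.split("=", 1)
                        mapping[left.strip()] = right.strip()
            result[role] = mapping
    return result


def missing_mappings(extended_xml, expected):
    """List (role, name) pairs from `expected` that are absent or differ."""
    found = attribute_maps(extended_xml)
    return [(role, k) for role, m in found.items()
            for k, v in expected.items() if m.get(k) != v]


if __name__ == "__main__":
    for label, doc in (("as created", SAMPLE_EMPTY), ("after workaround", SAMPLE_MAPPED)):
        print(label, missing_mappings(doc, {"mail": "mail"}))
```

Run it against each created entity's exported configuration; an empty list means the expected mappings were saved.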