[OPENAM-9143] SAML IdP attribute mappers should work with profile attributes even when the user profile mode is set to dynamic - ForgeRock JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 11.0.0, 12.0.0, 13.0.0, 13.5.0
Fix Version/s: 12.0.4, 13.5.1, 14.0.0
Component/s: SAML
Labels:
- EDISON
- test-candidate

Target Version/s:

12.0.4, 13.5.1, 14.0.0
Rank:
1|hzkzef:

Sprint:
AM Sustaining Sprint 25

Support Ticket IDs:

Verified Version/s:

12.0.4, 13.5.1

Description

The out of the box SAML IdP Attribute Mapper implementation does not map profile attributes when the user profile mode has been configured to Dynamic or Dynamic with Alias mode. Since the point of the Dynamic profile mode is to ensure that a profile gets successfully created at the time of the authentication, it would perfectly reasonable for the SAML AttributeMapper to just simply map the attributes coming from the freshly created user account (or even from the old account that was previously dynamically created).

Attachments

Issue Links

is duplicated by

OPENAM-8226 the default IdP Attribute Mapper should read attributes from data store or SSO session regardless the setting of the 'profile' property in core auth service

Resolved

Activity

People

Assignee:: Mark de Reeper

Reporter:: Peter Major [X] (Inactive)

QA Assignee:: Filip Kubáň [X] (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2016-06-17 2:55 PM

Updated:: 2017-05-19 9:49 AM

Resolved:: 2016-08-03 11:27 PM

Time Tracking

Estimated:

Remaining:

Logged: