[OPENAM-11921] Incorrect NameId Format offered for SAML2 auth module in console
Created: 09/Oct/17  Updated: 22/May/20  Resolved: 07/Jan/20

Status: Resolved
Project: OpenAM
Component/s: console
Affects Version/s: 13.0.0, 13.5.0, 13.5.1, 14.0.0, 14.1.0, 14.1.1, 14.5.0
Fix Version/s: 7.0.0, 6.5.3

Type: Bug Priority: Major
Reporter: Bernhard Thalmayr Assignee: Peter Major [X] (Inactive)
Resolution: Fixed Votes: 0
Labels: Customer, EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

irrelevant


Target Version/s:
Support Ticket IDs:

 Description   

Bug description

Inline help for the SAML2 authentication module shows incorrect NameID format

How to reproduce the issue

  1. initially configure AM
  2. create hosted SP
  3. register remote IdP
  4. configure SAML2 auth module in root realm
  5. click on 'i' button for "NameID Format"

Expected behaviour

urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified should be shown

Current behaviour

urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified is shown

See section 8.3.1 of Core SAMLv2 spec

Code analysis

amAuthSAML2.properties
a512.help=(Optional) Use this parameter to specify a SAML Name Identifier format identifier such as \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</pre> \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</pre> \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified</pre>

has to be changed to

amAuthSAML2.properties
a512.help=(Optional) Use this parameter to specify a SAML Name Identifier format identifier such as \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</pre> \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</pre> \
  <pre>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</pre>
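
Added example (not part of the original ticket and not OpenAM code): a small check that scans .properties text for SAML NameID format URNs and flags any that are not among the identifiers defined in section 8.3 of the SAML 2.0 Core spec, suggesting the defined URN with the same final segment. The function names are hypothetical; the sample input is the help text quoted in this ticket.

```python
import re

# Name identifier formats defined in SAML 2.0 Core, section 8.3.
SAML_CORE_NAMEID_FORMATS = {
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
    "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName",
    "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:entity",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
}
URN_RE = re.compile(r"urn:oasis:names:tc:SAML:\d\.\d:nameid-format:([A-Za-z0-9]+)")

def logical_lines(text):
    """Join lines ending in a backslash, as .properties continuation does."""
    out, buf, cont = [], "", False
    for raw in text.splitlines():
        part = (raw.lstrip() if cont else raw).rstrip()
        cont = part.endswith("\\")
        buf += part[:-1] if cont else part
        if not cont:
            out.append(buf)
            buf = ""
    return out + ([buf] if buf else [])

def check_nameid_formats(text):
    """Return (key, urn, suggested_urn) for each URN not defined in section 8.3."""
    findings = []
    for line in logical_lines(text):
        if line.lstrip().startswith(("#", "!")) or "=" not in line:
            continue
        key = line.split("=", 1)[0].strip()
        for m in URN_RE.finditer(line):
            if m.group(0) in SAML_CORE_NAMEID_FORMATS:
                continue
            # Suggest the spec-defined URN with the same final segment, if any.
            fix = next((f for f in sorted(SAML_CORE_NAMEID_FORMATS)
                        if f.endswith(":" + m.group(1))), None)
            findings.append((key, m.group(0), fix))
    return findings

# The help text from the ticket, before and after the proposed change.
BEFORE = r"""a512.help=(Optional) Use this parameter to specify a SAML Name Identifier format identifier such as \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</pre> \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</pre> \
  <pre>urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified</pre>
"""
AFTER = BEFORE.replace("2.0:nameid-format:unspecified", "1.1:nameid-format:unspecified")
```

Run against BEFORE, the check reports the single 2.0 "unspecified" URN under key a512.help; run against AFTER, it reports nothing.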
