2 Replies Latest reply on Sep 29, 2014 9:45 AM by kchen007

    how to get the security principal with WAAD IDP

    kchen007

      I have configured JBOSS to use Windows Azure Active Directory as the IDP. After authentication, the user I get back is encrypted.

      In my test.jsp, I print out the user name via <%=request.getUserPrincipal().getName()%> and get the value 'gWVQLMjUF93ZB42C1vazeRJknYHdksU7SkNlOpmptnI'.

      How can I get the correct value?

      Thanks

      Kevin

        • 1. Re: how to get the security principal with WAAD IDP
          jcacek

          Are you using Kerberos authentication in the IDP? If that's the case, try setting the passUserPrincipalToAttributeManager attribute in IDPWebBrowserSSOValve.

           

          <jboss-web>
              <security-domain>idp</security-domain>
              <valve>
                  <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name>
              </valve>
          
          
              <valve>
                  <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
                  <param>
                      <param-name>passUserPrincipalToAttributeManager</param-name>
                      <param-value>true</param-value>
                  </param>
              </valve>
          </jboss-web>
          
          • 2. Re: how to get the security principal with WAAD IDP
            kchen007

            The issue is that WAAD returns a persistent principal. I have to configure PicketLink to ask for the principal in email address format; that solves the problem.

            Thanks

            Kevin
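
The difference the last reply describes, as an added example that is not part of the thread or PicketLink's own code: it reads the Subject NameID and its Format from a SAML assertion, which is the value `getUserPrincipal().getName()` ends up showing, and serializes the `NameIDPolicy` a service provider sends to ask for the email address format. The function names and the `kevin@example.com` address are assumptions, and the assertions are constructed samples.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
# NameID format URIs defined by the SAML 2.0 core specification.
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

def name_id_policy(fmt=EMAIL):
    """Serialize the NameIDPolicy an SP sends in its AuthnRequest (hypothetical helper)."""
    el = ET.Element("{%s}NameIDPolicy" % SAMLP, {"Format": fmt})
    return ET.tostring(el, encoding="unicode")

def subject_name_id(assertion_xml):
    """Return (value, format) of the Subject NameID. Diagnostic only:
    no signature or condition checks are performed here."""
    root = ET.fromstring(assertion_xml)
    node = root.find(".//{%s}Subject/{%s}NameID" % (SAML, SAML))
    if node is None or not (node.text or "").strip():
        raise ValueError("assertion has no Subject NameID")
    return node.text.strip(), node.get("Format", UNSPECIFIED)

def principal_report(assertion_xml, wanted=EMAIL):
    """Describe the principal name an SP would derive from this assertion."""
    value, fmt = subject_name_id(assertion_xml)
    return {"principal": value, "format": fmt,
            "opaque": fmt == PERSISTENT, "matches_request": fmt == wanted}

def _assertion(value, fmt):  # constructed sample, not captured traffic
    return ('<saml:Assertion xmlns:saml="%s"><saml:Subject>'
            '<saml:NameID Format="%s">%s</saml:NameID>'
            '</saml:Subject></saml:Assertion>' % (SAML, fmt, value))

# Value from the question above, placed in a persistent-format NameID.
BEFORE = _assertion("gWVQLMjUF93ZB42C1vazeRJknYHdksU7SkNlOpmptnI", PERSISTENT)
# Constructed address standing in for the user's real one.
AFTER = _assertion("kevin@example.com", EMAIL)

if __name__ == "__main__":
    print(name_id_policy())
    for label, xml in (("before", BEFORE), ("after", AFTER)):
        print(label, principal_report(xml))
```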