Also an assertion can have multiple Attribute Statements. I fixed the SeamSamlPrincipal to take additional attribs.
Thanks, sorry, I should have told you I already had a lot of it done just have to clean up my workspaces to point to the Contributor version and handling the different formatting. If nothing else it allowed my to tweak my naming conventions a bit more to match your stuff. I'll be sure to mention it more explicitly next time. Sorry for the extra work
No biggie. It usually is faster for me to fix things when issues are brought up.
On the SEAM side the roles and attributes seem to get pulled properly from the SAML Response. On the non-SEAM stuff the SAML2AuthenticationHandler seems to pull the roles correctly but the SAML2AttributeHandler looks to only fire on the IDP side to populate the attributes.
//only handle IDP side
if(getType() == HANDLER_TYPE.SP)
Is there another class that handles it on the SP side or has this not been implemented yet?
Sorry, didn't realize I never responded to this. This stuff worked great, thanks for the quick work.