This content has been marked as final.
Show 2 replies
-
1. Re: how to get the security principle with WAAD IDP
jcacek Sep 29, 2014 5:21 AM (in response to kchen007)Are you using Kerberos authentication in the IDP? If it's the case, then try to set
passUserPrincipalToAttributeManager
attribute inIDPWebBrowserSSOValve
.<jboss-web> <security-domain>idp</security-domain> <valve> <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name> </valve> <valve> <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name> <param> <param-name>passUserPrincipalToAttributeManager</param-name> <param-value>true</param-value> </param> </valve> </jboss-web>
-
2. Re: how to get the security principle with WAAD IDP
kchen007 Sep 29, 2014 9:45 AM (in response to jcacek)The issue is that the WAAD return a persistent principle, I have to configure the picketlink to ask the principle in email address format, that sove the problem.
thanks
Kevin