2 Replies Latest reply on Sep 29, 2014 9:45 AM by kchen007

    how to get the security principal with WAAD IDP

    kchen007 Apprentice

      I have configured JBOSS to use Windows Azure Active Directory as the IDP. After the authentication, the user I got back is encrypted.

      In my test.jsp, I print out the user name via <%=request.getUserPrincipal().getName()%>, and I got the value 'gWVQLMjUF93ZB42C1vazeRJknYHdksU7SkNlOpmptnI'.

       

      How can I get the correct value?

       

      thanks

      Kevin

        • 1. Re: how to get the security principal with WAAD IDP
          Josef Cacek Newbie

          Are you using Kerberos authentication in the IDP? If that's the case, then try to set the passUserPrincipalToAttributeManager attribute in IDPWebBrowserSSOValve.

           

          <jboss-web>
              <security-domain>idp</security-domain>
              <valve>
                  <class-name>org.jboss.security.negotiation.NegotiationAuthenticator</class-name>
              </valve>
          
          
              <valve>
                  <class-name>org.picketlink.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve</class-name>
                  <param>
                      <param-name>passUserPrincipalToAttributeManager</param-name>
                      <param-value>true</param-value>
                  </param>
              </valve>
          </jboss-web>
          
          • 2. Re: how to get the security principal with WAAD IDP
            kchen007 Apprentice

            The issue is that WAAD returns a persistent principal. I have to configure PicketLink to ask for the principal in email address format; that solves the problem.

             

            thanks

            Kevin
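
Added example, not part of the thread and not PicketLink code: a small diagnostic that compares the NameID format an SP requests in its SAML AuthnRequest with the format the IdP returns in the assertion Subject, which is the mismatch the last reply describes. It assumes the NameID is what ends up in `getUserPrincipal().getName()`; the XML samples are constructed (the persistent value is the one quoted in the question, the email address is made up), and no signature validation is done.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"


def requested_format(authn_request_xml):
    """Format the SP asked for in <samlp:NameIDPolicy>, or None if absent."""
    policy = ET.fromstring(authn_request_xml).find("samlp:NameIDPolicy", NS)
    return policy.get("Format") if policy is not None else None


def subject_name_id(assertion_xml):
    """Return (format, value) of the Subject NameID in an assertion or response."""
    name_id = ET.fromstring(assertion_xml).find(".//saml:Subject/saml:NameID", NS)
    if name_id is None:
        raise ValueError("no Subject/NameID found")
    # SAML treats a missing Format attribute as 'unspecified'.
    return name_id.get("Format", UNSPECIFIED), (name_id.text or "").strip()


def diagnose(authn_request_xml, assertion_xml):
    """Describe the returned identifier and whether the request was honoured."""
    asked = requested_format(authn_request_xml)
    fmt, value = subject_name_id(assertion_xml)
    if fmt == PERSISTENT:
        kind = "opaque persistent identifier (not encrypted, not a login name)"
    elif fmt == EMAIL:
        kind = "email address"
    else:
        kind = "format " + fmt
    return {"value": value, "kind": kind, "requested": asked,
            "honoured": asked is None or asked == fmt}


# Constructed samples, not captured traffic.
_REQ = '<samlp:AuthnRequest xmlns:samlp="%s" ID="_c1" Version="2.0">%s</samlp:AuthnRequest>'
_ASSERTION = ('<saml:Assertion xmlns:saml="%s" ID="_c2" Version="2.0"><saml:Subject>'
              '<saml:NameID Format="%s">%s</saml:NameID></saml:Subject></saml:Assertion>')
REQ_DEFAULT = _REQ % (NS["samlp"], "")
REQ_EMAIL = _REQ % (NS["samlp"], '<samlp:NameIDPolicy Format="%s"/>' % EMAIL)
ASSERT_PERSISTENT = _ASSERTION % (NS["saml"], PERSISTENT,
                                  "gWVQLMjUF93ZB42C1vazeRJknYHdksU7SkNlOpmptnI")
ASSERT_EMAIL = _ASSERTION % (NS["saml"], EMAIL, "kevin@example.com")
```

An application that keys authorization on the principal name should check which format it is receiving: a persistent NameID is a stable pseudonym scoped to the IdP and SP pair, so it cannot be matched against user names or email addresses stored elsewhere.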