Skip to content

SAML2 Assertion: Support to map additional user attributes #7779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
berschmoe opened this issue Dec 30, 2019 · 4 comments
Closed

SAML2 Assertion: Support to map additional user attributes #7779

berschmoe opened this issue Dec 30, 2019 · 4 comments
Assignees
@fhanik
Labels
in: saml2 An issue in SAML2 modules status: duplicate A duplicate of another issue type: enhancement A general enhancement

Comments

@berschmoe
Copy link

Summary

With the current implementation - in Spring Security 5.2.1 - it works very well to map external roles / authorities to internal authorities (using a custom AuthoritiesExtractor).

For all other user data (e.g. mail, country ...), which are also sent within the assertion, there is currently no possibility to read out the data.

It would be nice if we had something similar to the LDAP org.springframework.security.ldap.userdetails.UserDetailsContextMapper interface.

Version

5.2.1.RELEASE
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 30, 2019
@fhanik fhanik self-assigned this Dec 30, 2019
@fhanik
Copy link
Contributor

fhanik commented Dec 30, 2019

Thank you for the report

Linking with: #7465 as there are a few issues around extracting user data from an assertion

@fhanik fhanik added in: saml2 An issue in SAML2 modules and removed status: waiting-for-triage An issue we've not yet triaged labels Dec 30, 2019
@fhanik fhanik added this to the 5.3.0.RC1 milestone Dec 30, 2019
@blucas
Copy link
Contributor

blucas commented Jan 29, 2020
edited
Loading

@fhanik can you expand on the issues extracting user data?

I have an urgent need to extract user data, and for the time being the only workaround I can think of is to use the AuthoritiesExtractor/Mapper to not only fetch the groups/roles the user belongs to but also the other data as well, such as first/last name.

If there is anything I can do to help, please let me know.

@fhanik
Copy link
Contributor

fhanik commented Jan 30, 2020

@blucas Hi Brendth, I sure will. I'll reply shortly

@eleftherias eleftherias modified the milestones: 5.3.0.RC1, 5.3.0 Feb 5, 2020
@jzheaux jzheaux modified the milestones: 5.3.0, 5.4.x Mar 4, 2020
@jzheaux jzheaux added the type: enhancement A general enhancement label Mar 4, 2020
@jzheaux
Copy link
Contributor

jzheaux commented Jun 15, 2020

Work is underway on this via #8661. As such, I'll close this as a duplicate. I'd invite those interested to comment on that ticket going forward.

@jzheaux jzheaux closed this as completed Jun 15, 2020
@jzheaux jzheaux added the status: duplicate A duplicate of another issue label Jun 15, 2020
@jgrandja jgrandja removed this from the 5.4.x milestone Sep 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fhanik fhanik

Labels
in: saml2 An issue in SAML2 modules status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@fhanik @blucas @jzheaux @eleftherias @jgrandja @spring-projects-issues @berschmoe