Reading attribute from remote user flow
Ilkka Lindblom
don at idiosynkrasia.net
Wed Nov 23 11:10:39 UTC 2022
Hello
I have been posed with the following problem. In our IdP, we use the
RemoteUser login flow. The external system called authenticates user and
returns REMOTE_USER that is used to find rest of user details from LDAP
in attribute resolver.
Now, we are asked to provide an attribute in our SAML response for user
that is not available in LDAP, but is provided by the authentication
component either as a value besides REMOTE_USER, or even as a part of
it, for example "username;othervalue".
I did some reading and while the remote user flow can be configured to
look for the principal in other places besides REMOTE_USER, I cannot see
a way to read an attribute.
I notice that External login flow, that RemoteUser flow is to my
understanding based on, has an output called "attributes", but this does
not exist in RemoteUser.
Any advice to point in the right direction would be much appreciated.
Br,
Ilkka Lindblom
More information about the users
mailing list