On Tue, Apr 26, 2016 at 5:16 PM, Dinusha Senanayaka <[email protected]> wrote:
> IS Team, > > Can you look into this issue please. This has broke the store/publisher > tenant login (We are using identity-5.0.9-SNAPSHOT versions). > > - How to set fully qualified name when registering SP from config file. > This setting was moved under 'Local & Outbound Authentication Configuration'. To enable this from a config file, add the following under '<LocalAndOutBoundAuthenticationConfig>' tag in the SP specific xml file/s. <UseUserstoreDomainInUsername>true</UseUserstoreDomainInUsername> <UseTenantDomainInUsername>true</UseTenantDomainInUsername> ex: <LocalAndOutBoundAuthenticationConfig> <AuthenticationSteps>...</AuthenticationSteps> <UseUserstoreDomainInUsername>true</UseUserstoreDomainInUsername> <UseTenantDomainInUsername>true</UseTenantDomainInUsername> </LocalAndOutBoundAuthenticationConfig> Regards, Omindu. > - Skip sending carbon.super when fully qualified name is enabled. > > Regards, > Dinusha. > > On Mon, Apr 25, 2016 at 4:58 PM, Dinusha Senanayaka <[email protected]> > wrote: > >> +Pushpalanka. >> >> On Mon, Apr 25, 2016 at 4:51 PM, Jenananthan Yogendran < >> [email protected]> wrote: >> >>> Hi All, >>> >>> After migrating the AppManager from kernel 4.2.0 to kernel 4.4.5 , >>> fully qualified name is not working as expected. >>> >>> We use file based SP configuration for Store app and Publisher >>> app(attached sso-idp-config files used in both kernel versions). In kernel >>> 4.2.0 , when login to store/publisher app, SAML response has user name with >>> tenant domain as subject for tenants except carbon super tenant. >>> >>> After migration , SAML response has only user name as subject.Tenant >>> domain is missing for tenants. >>> >>> Also when checked the option "Use tenant domain in local subject >>> identifier" under "Local & Outbound Authentication Configuration" for >>> SPs created through UI, it appends the "carbon.super" domain for super >>> tenant users. >>> >>> Thanks >>> -- >>> Jenananthan Yogendran >>> *Software Engineer,* >>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>> >>> >> >> >> -- >> Dinusha Dilrukshi >> Associate Technical Lead >> WSO2 Inc.: http://wso2.com/ >> Mobile: +94725255071 >> Blog: http://dinushasblog.blogspot.com/ >> > > > > -- > Dinusha Dilrukshi > Associate Technical Lead > WSO2 Inc.: http://wso2.com/ > Mobile: +94725255071 > Blog: http://dinushasblog.blogspot.com/ > -- Omindu Rathnaweera Software Engineer, WSO2 Inc. Mobile: +94 771 197 211
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
