Hi Omudu and Isura, Thanks you so much for looking into this issue.I have created a git ticket [1]
[1]https://github.com/wso2/product-is/issues/2162 On Tue, Jan 23, 2018 at 3:55 PM, Omindu Rathnaweera <[email protected]> wrote: > Isura and Myself tested the this in the QA setup. Seems to be this is > happening when custom claim mappings are added in the SP's claim configs. > > @Chankami, Looks like this is a bug. Can you create a git issue with the > steps to reproduce. I guess you can test the solution without having the > custom claim mappings for the moment. > > Regards, > Omindu. > > On Tue, Jan 23, 2018 at 2:13 PM, Darshana Gunawardana <[email protected]> > wrote: > >> Hi Chankami, >> >> You might trying with same user who already JIT provisioned.. In that >> case, AFAIR association will not be created automatically. If you want to >> create association for an already existing user in the IS, you have to >> follow steps that Omindu mentioned. >> >> Thanks, >> >> On Tue, Jan 23, 2018 at 2:10 PM, Omindu Rathnaweera <[email protected]> >> wrote: >> >>> Hi Chankami, >>> >>> I tried a federate JIT scenario for a secondary userstore with FB, >>> enabling 'Assert identity using mapped local subject identifier' as Isura >>> mentioned and the missing claim was only prompted once as expected. When >>> JIT provisioning IS automatically associates the provisioned user and the >>> federated user hence it will not prompt for mandatory claims once the user >>> submits it in the first time. >>> >>> Can you login to the provisioned user's dashboard and check the >>> 'Associated Accounts' to see an association is created for that user. You >>> will need to give login permission for the user in order to login to the >>> dashboard. >>> >>> Regards, >>> Omindu. >>> >>> On Tue, Jan 23, 2018 at 1:07 PM, Chankami Maddumage <[email protected]> >>> wrote: >>> >>>> Thank you Ayehsha for the explanation. >>>> >>>> @Isura I enabled the above mentioned property but the behavior is the >>>> same. Is there any other property ? >>>> >>>> On Tue, Jan 23, 2018 at 12:32 PM, Isura Karunaratne <[email protected]> >>>> wrote: >>>> >>>>> Hi Chankami, >>>>> >>>>> Hope you are testing IS 5.4.0. >>>>> >>>>> Can you try the scenario while enabling "Assert identity using mapped >>>>> local subject identifier" in SP "Local & Outbound Authentication >>>>> Configuration" section? >>>>> >>>>> Thanks >>>>> Isura. >>>>> >>>>> On Tue, Jan 23, 2018 at 12:13 PM, Ayesha Dissanayaka <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Chankami, >>>>>> >>>>>> On Tue, Jan 23, 2018 at 11:33 AM, Chankami Maddumage < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi IAM Team >>>>>>> >>>>>>> I have scenario to enforce users to provide missing required >>>>>>> attributes while getting JIT provisioned to the local system. >>>>>>> >>>>>>> In order to achieve this I have set a *Mandatory Claim [1] *in SP >>>>>>> and also all the users who logged in will provisioning to secondary >>>>>>> JDBC >>>>>>> user store. >>>>>>> >>>>>>> *Clarification* >>>>>>> >>>>>>> Every time already logged in user login to system (Travelocity), it >>>>>>> ask to enter the value for the mandatory Claim. >>>>>>> >>>>>>> So what is the expected behavior ?Or, user should enter value only >>>>>>> in first login ? >>>>>>> >>>>>> This is the expected behavior of the server. >>>>>> When SP has mandatory claims defined, corresponding SP application is >>>>>> expecting values for the defined claims in the authentication response. >>>>>> If >>>>>> the user hasn't provied those information to the IDP(Identity Server in >>>>>> this case) initially, IDP requests those values from the user whenever >>>>>> trying to authenticate to the particular SP. >>>>>> >>>>>> Thanks! >>>>>> -Ayesha >>>>>> >>>>>>> >>>>>>> [1]https://docs.wso2.com/display/IS540/Configuring+Claims+fo >>>>>>> r+a+Service+Provider >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Best Regards, >>>>>>> >>>>>>> >>>>>>> *Chankami Maddumage* >>>>>>> Software Engineer - QA Team >>>>>>> WSO2 Inc; http://www.wso2.com/. >>>>>>> Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Ayesha Dissanayaka* >>>>>> Senior Software Engineer, >>>>>> WSO2, Inc : http://wso2.com >>>>>> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >>>>>> 20, Palm grove Avenue, Colombo >>>>>> <https://maps.google.com/?q=20,+Palm+grove+Avenue,+Colombo&entry=gmail&source=g> >>>>>> 3 >>>>>> E-Mail: [email protected] <[email protected]> >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> *Isura Dilhara Karunaratne* >>>>> Associate Technical Lead | WSO2 >>>>> Email: [email protected] >>>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>>> Blog : http://isurad.blogspot.com/ >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> Best Regards, >>>> >>>> >>>> *Chankami Maddumage* >>>> Software Engineer - QA Team >>>> WSO2 Inc; http://www.wso2.com/. >>>> Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250> >>>> >>>> >>> >>> >>> -- >>> Omindu Rathnaweera >>> Senior Software Engineer, WSO2 Inc. >>> Mobile: +94 771 197 211 <+94%2077%20119%207211> >>> >> >> >> >> -- >> Regards, >> >> >> *Darshana Gunawardana*Technical Lead >> WSO2 Inc.; http://wso2.com >> >> *E-mail: [email protected] <[email protected]>* >> *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . >> Middleware >> > > > > -- > Omindu Rathnaweera > Senior Software Engineer, WSO2 Inc. > Mobile: +94 771 197 211 <+94%2077%20119%207211> > -- Best Regards, *Chankami Maddumage* Software Engineer - QA Team WSO2 Inc; http://www.wso2.com/. Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
