On Tue, Jan 23, 2018 at 5:07 PM, Darshana Gunawardana <darsh...@wso2.com> wrote:
> Is this JIT specific issue or this can be seen with simple SSO scenario > when SP request custom claims? > This shouldn't be a JIT specific issue. Mandatory claim was successfully updated to the provisioned user. So, there should be an issue with mandatory claims popup featrue when custom claims are configured. Thanks ISura. > > Thanks, > > On Tue, Jan 23, 2018 at 4:58 PM, Chankami Maddumage <chank...@wso2.com> > wrote: > >> Hi Omudu and Isura, >> >> Thanks you so much for looking into this issue.I have created a git >> ticket [1] >> >> [1]https://github.com/wso2/product-is/issues/2162 >> >> On Tue, Jan 23, 2018 at 3:55 PM, Omindu Rathnaweera <omi...@wso2.com> >> wrote: >> >>> Isura and Myself tested the this in the QA setup. Seems to be this is >>> happening when custom claim mappings are added in the SP's claim configs. >>> >>> @Chankami, Looks like this is a bug. Can you create a git issue with the >>> steps to reproduce. I guess you can test the solution without having the >>> custom claim mappings for the moment. >>> >>> Regards, >>> Omindu. >>> >>> On Tue, Jan 23, 2018 at 2:13 PM, Darshana Gunawardana <darsh...@wso2.com >>> > wrote: >>> >>>> Hi Chankami, >>>> >>>> You might trying with same user who already JIT provisioned.. In that >>>> case, AFAIR association will not be created automatically. If you want to >>>> create association for an already existing user in the IS, you have to >>>> follow steps that Omindu mentioned. >>>> >>>> Thanks, >>>> >>>> On Tue, Jan 23, 2018 at 2:10 PM, Omindu Rathnaweera <omi...@wso2.com> >>>> wrote: >>>> >>>>> Hi Chankami, >>>>> >>>>> I tried a federate JIT scenario for a secondary userstore with FB, >>>>> enabling 'Assert identity using mapped local subject identifier' as Isura >>>>> mentioned and the missing claim was only prompted once as expected. When >>>>> JIT provisioning IS automatically associates the provisioned user and the >>>>> federated user hence it will not prompt for mandatory claims once the user >>>>> submits it in the first time. >>>>> >>>>> Can you login to the provisioned user's dashboard and check the >>>>> 'Associated Accounts' to see an association is created for that user. You >>>>> will need to give login permission for the user in order to login to the >>>>> dashboard. >>>>> >>>>> Regards, >>>>> Omindu. >>>>> >>>>> On Tue, Jan 23, 2018 at 1:07 PM, Chankami Maddumage <chank...@wso2.com >>>>> > wrote: >>>>> >>>>>> Thank you Ayehsha for the explanation. >>>>>> >>>>>> @Isura I enabled the above mentioned property but the behavior is >>>>>> the same. Is there any other property ? >>>>>> >>>>>> On Tue, Jan 23, 2018 at 12:32 PM, Isura Karunaratne <is...@wso2.com> >>>>>> wrote: >>>>>> >>>>>>> Hi Chankami, >>>>>>> >>>>>>> Hope you are testing IS 5.4.0. >>>>>>> >>>>>>> Can you try the scenario while enabling "Assert identity using >>>>>>> mapped local subject identifier" in SP "Local & Outbound >>>>>>> Authentication Configuration" section? >>>>>>> >>>>>>> Thanks >>>>>>> Isura. >>>>>>> >>>>>>> On Tue, Jan 23, 2018 at 12:13 PM, Ayesha Dissanayaka < >>>>>>> aye...@wso2.com> wrote: >>>>>>> >>>>>>>> Hi Chankami, >>>>>>>> >>>>>>>> On Tue, Jan 23, 2018 at 11:33 AM, Chankami Maddumage < >>>>>>>> chank...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Hi IAM Team >>>>>>>>> >>>>>>>>> I have scenario to enforce users to provide missing required >>>>>>>>> attributes while getting JIT provisioned to the local system. >>>>>>>>> >>>>>>>>> In order to achieve this I have set a *Mandatory Claim [1] *in SP >>>>>>>>> and also all the users who logged in will provisioning to secondary >>>>>>>>> JDBC >>>>>>>>> user store. >>>>>>>>> >>>>>>>>> *Clarification* >>>>>>>>> >>>>>>>>> Every time already logged in user login to system (Travelocity), >>>>>>>>> it ask to enter the value for the mandatory Claim. >>>>>>>>> >>>>>>>>> So what is the expected behavior ?Or, user should enter value only >>>>>>>>> in first login ? >>>>>>>>> >>>>>>>> This is the expected behavior of the server. >>>>>>>> When SP has mandatory claims defined, corresponding SP application >>>>>>>> is expecting values for the defined claims in the authentication >>>>>>>> response. >>>>>>>> If the user hasn't provied those information to the IDP(Identity >>>>>>>> Server in >>>>>>>> this case) initially, IDP requests those values from the user whenever >>>>>>>> trying to authenticate to the particular SP. >>>>>>>> >>>>>>>> Thanks! >>>>>>>> -Ayesha >>>>>>>> >>>>>>>>> >>>>>>>>> [1]https://docs.wso2.com/display/IS540/Configuring+Claims+fo >>>>>>>>> r+a+Service+Provider >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Best Regards, >>>>>>>>> >>>>>>>>> >>>>>>>>> *Chankami Maddumage* >>>>>>>>> Software Engineer - QA Team >>>>>>>>> WSO2 Inc; http://www.wso2.com/. >>>>>>>>> Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Ayesha Dissanayaka* >>>>>>>> Senior Software Engineer, >>>>>>>> WSO2, Inc : http://wso2.com >>>>>>>> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >>>>>>>> 20, Palm grove Avenue, Colombo >>>>>>>> <https://maps.google.com/?q=20,+Palm+grove+Avenue,+Colombo&entry=gmail&source=g> >>>>>>>> 3 >>>>>>>> E-Mail: aye...@wso2.com <ayshsa...@gmail.com> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Isura Dilhara Karunaratne* >>>>>>> Associate Technical Lead | WSO2 >>>>>>> Email: is...@wso2.com >>>>>>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>>>>>> Blog : http://isurad.blogspot.com/ >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Best Regards, >>>>>> >>>>>> >>>>>> *Chankami Maddumage* >>>>>> Software Engineer - QA Team >>>>>> WSO2 Inc; http://www.wso2.com/. >>>>>> Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250> >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Omindu Rathnaweera >>>>> Senior Software Engineer, WSO2 Inc. >>>>> Mobile: +94 771 197 211 <+94%2077%20119%207211> >>>>> >>>> >>>> >>>> >>>> -- >>>> Regards, >>>> >>>> >>>> *Darshana Gunawardana*Technical Lead >>>> WSO2 Inc.; http://wso2.com >>>> >>>> *E-mail: darsh...@wso2.com <darsh...@wso2.com>* >>>> *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . >>>> Middleware >>>> >>> >>> >>> >>> -- >>> Omindu Rathnaweera >>> Senior Software Engineer, WSO2 Inc. >>> Mobile: +94 771 197 211 <+94%2077%20119%207211> >>> >> >> >> >> -- >> Best Regards, >> >> >> *Chankami Maddumage* >> Software Engineer - QA Team >> WSO2 Inc; http://www.wso2.com/. >> Mobile: +94 (0) 722223096 <%2B94%20%280%29%20773%20381%20250> >> >> > > > -- > Regards, > > > *Darshana Gunawardana*Technical Lead > WSO2 Inc.; http://wso2.com > > *E-mail: darsh...@wso2.com <darsh...@wso2.com>* > *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . > Middleware > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: is...@wso2.com Mob : +94 772 254 810 <+94%2077%20225%204810> Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev