Comments (7)
Hi,
there seems to be an inconsistency in SSP 1.14 regarding userid.attribute:
Setting the attribute for the IdP in saml20-idp-hosted.php already results in warnings:
The 'userid.attribute' option has been deprecated.
OTOH the consent module (consent:Consent) still requires the UserID, see https://simplesamlphp.org/docs/stable/consent:consent
NB: since the consent module is run after attributes are filtered the uid-attribute usually is not and should not be available anymore.
Kind regards, Georg
from simplesamlphp.
Hi @gollmann!
The userid.attribute
option has been indeed deprecated, and will be removed in 2.0. That doesn't mean it's no longer in use. It is, in many places, and we'll slowly take it off. It will keep working during 1.14.x as you have seen, and also in 1.15.x, but in the latter there will be alternatives to it for every module or place where it's used.
from simplesamlphp.
@jaimeperez I'm not sure it's useful to start issuing deprecation notices to users if they cannot stop using that configuration setting. Maybe we should just mark it as deprecated in the code?
When the time has come that you indeed do not need to use this option anymore, we'd need to put something in the upgrade notes to tell users what the alternatives are, because that's now also lacking.
from simplesamlphp.
Hi Jaime,
I need help in resolving the error: -
core:TargetedID: Missing UserID for this user. Please check the 'userid.attribute' option in the metadata against the attributes provided by the authentication source
I have done the followings -
- Setup an IdP
- Setup an SP
- Set twitter as the authsource
- My SP receives response when I do not use authproc, it receives all the authentication data from twitter.
- But when I try to add filter, it gives me the above error. I made a change in the twitter mapping file - 'twitter.email' => 'uid',
- What else we need to add in the authsource when we use Twitter:
'twitter' => array(
'authtwitter:Twitter',
'key' => ''.$twitterapikey.'',
'secret' => ''.$twittersecret.'',
'force_login' => FALSE,
'userid.attribute' => 'email',
'attributes' => array(
'IDPEmail' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:email',
),
Any help will be greatly appreciated.
from simplesamlphp.
Hi @w3care,
This is an issue tracker, not a support forum. Please use the mailing list if you need support.
from simplesamlphp.
The consent-module was taken care of. We picked 'identifyingAttribute' as a config setting
from simplesamlphp.
Closing, because I'm pretty sure all objects and/or authprocs now have the 'identifyingAttribute' available
from simplesamlphp.
Related Issues (20)
- composer require is installing Symfony 6.4 for the SimpleSAMLphp 2.1 branch releases HOT 11
- session.state.timeout never work as described in the comment.
- SP->authenicate() broken in master branch HOT 1
- Release 2.1.4: Expected return value from redirectTrustedURL() not provided HOT 1
- The default config.php still uses the core:StatisticsWithAttribute authproc-filter HOT 5
- Fix for bin/initMDSPdo.php wasn't ported to v2.2 HOT 2
- Unhandled exception HOT 4
- Subject-ID - Hashing & Salt identifyingAttribute value HOT 8
- Support Laravel 11 (with Symfony 7.0) HOT 4
- Translations in v2.2 seem broken HOT 11
- Perhaps respect the gettext domain for modules HOT 7
- After update to 2.1.5 and going to startpage, only a Welcome screen appears HOT 5
- 2.1+: Translations are off HOT 8
- Adding Microsoft or Google MFA application support. HOT 2
- Updates to bin/translations translations:update:translatable
- console command does not respect module parameter HOT 1
- AuthData is an empty array in the database but user still can login. HOT 7
- (minor) XML metadata opening tags difference between IdP and SP metadata HOT 1
- SimpleSAML 1.18.7 - ERR_EMPTY_RESPONSE HOT 3
- SCIM Support HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from simplesamlphp.