SAML 2.0 Single Sign-On
SAML attribute handling (3 posts)

  1. tomdavidson@fico.com
    Member
    Posted 11 months ago #

    I have been able to get the plugin to authenticate with plugin. Great work. However, I am trying to configure the SP provider to parse the SAML attributes for username, group, etc. and I can't seem to get it to work. I have verified that the SAML response contains the attributes, but they don't seem to be parsed or handled properly by the plugin.

    <saml2:AttributeStatement>
                <saml2:Attribute Name = "email" NameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
                    <saml2:AttributeValue xmlns:xs = "http://www.w3.org/2001/XMLSchema"
                                          xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:type = "xs:string">
                        tomdavidson@example.com
                    </saml2:AttributeValue>
                </saml2:Attribute>
                <saml2:Attribute Name = "firstName" NameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
                    <saml2:AttributeValue xmlns:xs = "http://www.w3.org/2001/XMLSchema"
                                          xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:type = "xs:string">Tom
                    </saml2:AttributeValue>
                </saml2:Attribute>
                <saml2:Attribute Name = "userName" NameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
                    <saml2:AttributeValue xmlns:xs = "http://www.w3.org/2001/XMLSchema"
                                          xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:type = "xs:string">
                        tomdavidson@example.com
                    </saml2:AttributeValue>
                </saml2:Attribute>
                <saml2:Attribute Name = "group" NameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
                    <saml2:AttributeValue xmlns:xs = "http://www.w3.org/2001/XMLSchema"
                                          xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:type = "xs:string">
                        Administrator
                    </saml2:AttributeValue>
                </saml2:Attribute>
            </saml2:AttributeStatement>

    http://wordpress.org/plugins/saml-20-single-sign-on/

  2. tomdavidson@fico.com
    Member
    Posted 11 months ago #

    I forgot to add the attribute mapping on the service provider tab:

    Attribute to be used as username: userName
    Attribute to be used as First Name: firstName
    Attribute to be used as Last Name: lastName
    Attribute to be used as E-mail: email
    Attribute to be used as Groups: group

  3. spencerghd
    Member
    Posted 4 months ago #

    Were you able to extend the list of attributes to include other elements, for example a postal address or mobile number?
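
A stand-alone check of the attribute statement in the first post against the mapping in the second, added here as an example and not code from the plugin: it trims the whitespace around each value and reports mapped names the response does not carry (here `lastName`). The field labels, function names and the trimming are assumptions; it inspects a captured statement only and does not validate the response signature.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample: the statement from the first post, with NameFormat and
# xsi:type dropped and the saml2 prefix declared so the fragment parses alone.
SAMPLE = """<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:Attribute Name="email"><saml2:AttributeValue>
      tomdavidson@example.com
  </saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute Name="firstName"><saml2:AttributeValue>Tom
  </saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute Name="userName"><saml2:AttributeValue>
      tomdavidson@example.com
  </saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute Name="group"><saml2:AttributeValue>
      Administrator
  </saml2:AttributeValue></saml2:Attribute>
</saml2:AttributeStatement>"""

# Mapping from the second post; the field labels on the left are hypothetical.
MAPPING = {"username": "userName", "first_name": "firstName",
           "last_name": "lastName", "email": "email", "groups": "group"}


def read_attributes(xml_text):
    """Return {Name: [values]} with surrounding whitespace trimmed."""
    attrs = {}
    for attr in ET.fromstring(xml_text).iter(f"{{{NS}}}Attribute"):
        values = [(v.text or "").strip()
                  for v in attr.findall(f"{{{NS}}}AttributeValue")]
        attrs.setdefault(attr.get("Name", ""), []).extend(v for v in values if v)
    return attrs


def check_mapping(attrs, mapping):
    """Return (resolved, problems); Name comparison is exact and case-sensitive."""
    resolved, problems = {}, {}
    by_lower = {name.lower(): name for name in attrs}
    for field, name in mapping.items():
        if attrs.get(name):
            resolved[field] = attrs[name]
        elif name in attrs:
            problems[field] = f"{name!r} is present but has no value"
        elif name.lower() in by_lower:
            problems[field] = f"{name!r} not found; response has {by_lower[name.lower()]!r}"
        else:
            problems[field] = f"{name!r} not found in the response"
    return resolved, problems
```

Calling `check_mapping(read_attributes(SAMPLE), MAPPING)` resolves four of the five mapped fields and flags `last_name`, because the posted statement has no `lastName` attribute.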
