By: Tyler Brooks user 01 May 2017 at 7:58 a.m. CDT

6 Responses

What is the best way to go about changing the OID in the claim format to be like the following example: ``` <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://connectauthenticate/sso/email_address" isRequired="true"/> <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://connectauthenticate/sso/first_name" isRequired="true"/> <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://connectauthenticate/sso/last_name" isRequired="true"/> ``` Would this be a global change or can I make it site specific?

U1404

closed

By Mohib Zico staff 01 May 2017 at 8:22 a.m. CDT

Copy

These 'names' are really not standard at all, I guess it's from some SP who is requesting attributes to be named like this? I am not sure if it's possible to declare claim / scopes with such big names but here is how you can define new scope in OP: - Create new attribute - Add Scope [ keep the displayName same as attribute ] - Select that new attribute as 'claims'.

By Tyler Brooks user 01 May 2017 at 10:03 a.m. CDT

Copy

Thanks, I'm under the impression that I cannot use the same source attribute to map to multiple destinations under cache refresh, is this true? ![Cache Refresh Settings](http://i66.tinypic.com/nbt5sm.png "enter image title here")

By Mohib Zico staff 01 May 2017 at 10:04 a.m. CDT

Copy

>> Thanks, I'm under the impression that I cannot use the same source attribute to map to multiple destinations under cache refresh, is this true? No, you can use same source attribute to multiple destination ( Gluu Server ) attributes.

By Tyler Brooks user 01 May 2017 at 10:32 a.m. CDT

Copy

After manually adding them for a user I've had success. I'm unable to get the attributes to populate on the GLUU server during cache refresh though. Cache Refresh LOG (This is the same output I've gotten since creating the attributes) ``` 2017-05-01 15:26:53,073 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:303) - Attempting to load entries from source server 2017-05-01 15:26:53,749 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:312) - Found '1,956' entries in source server 2017-05-01 15:26:53,752 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:315) - Found '1,956' unique entries in source server 2017-05-01 15:26:53,851 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:364) - Found '0' changed entries 2017-05-01 15:26:53,851 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:369) - Loaded '0' problem entries from problem file 2017-05-01 15:26:53,862 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:382) - Updated '0' entries 2017-05-01 15:26:53,862 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:384) - Failed to update '0' entries 2017-05-01 15:26:53,871 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:424) - Removed '0' persons from target server 2017-05-01 15:26:53,872 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:439) - There are '1,956' entries before updating inum list 2017-05-01 15:26:53,872 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:443) - There are '1,956' entries after removal '0' entries 2017-05-01 15:26:53,872 INFO [pool-2-thread-7] [gluu.oxtrust.ldap.cache.service.CacheRefreshTimer] (CacheRefreshTimer.java:447) - There are '1,956' entries after adding '0' entries ``` ![Custom Attribute Registration](http://i65.tinypic.com/2evcdv4.png "Custom Attribute Registration") I've tried this as well with no success:![Doubling the source attributes](http://i65.tinypic.com/sy5z7m.jpg "Doubling the source attributes")

By Aliaksandr Samuseu staff 01 May 2017 at 11:32 a.m. CDT

Copy

Hi, Tyler. At the moment, CR can't react to changes done to mappings alone (i.e. if mappings were changed after initial pulling had happened). So it won't update existing entries according to new mappings, but it should start apply new mapping to new entries it will create (if you'll add a new user to backend) or to already pulled in users if they were changed in backend after that. To make it to update everything, please stop CR, flush your CR snapshot directory, and start CR again.

By Tyler Brooks user 01 May 2017 at 12:25 p.m. CDT

Copy

Thank you both, ticket resolved.

You need to Login in order to post an answer

Custom claim format

By: Tyler Brooks user 01 May 2017 at 7:58 a.m. CDT

Answers

By Mohib Zico staff 01 May 2017 at 8:22 a.m. CDT

By Tyler Brooks user 01 May 2017 at 10:03 a.m. CDT

By Mohib Zico staff 01 May 2017 at 10:04 a.m. CDT

By Tyler Brooks user 01 May 2017 at 10:32 a.m. CDT

By Aliaksandr Samuseu staff 01 May 2017 at 11:32 a.m. CDT

By Tyler Brooks user 01 May 2017 at 12:25 p.m. CDT

Post an answer