openam - How to access group details in SAML -
i creating id provider through openam, user details in saml assertion returned, want user group details in assertion,how can it. thnx in advance
there several approaches ...
1) create custom attribute mapper allows put group info assertion
2) create post auth plugin puts group info in session property , use default attribute mapper
3) leverage data store , data store config
this depends on data store being used if data store (e.g. ldap based directory server) provides (operational) attribute shows group info @ user entry can map attribute in data store config , use default attribute mapper.
e.g. opendj provides 'ismemberof' , see real group dns values mapped attribute
Comments
Post a Comment