Hi Team,
I have configured my local AEM set up with SAML 2.0 OOTB authentication handler and I am able to authenticate user.
While It is coming to Group Assignment, I have created Local AEM group with same name as Azure AD Security Group.
But user is not getting assigned to this group though it is getting added to default groups specified in SAMl Authentication handler.
Few Configurations:
Autocreate CRX Users : True
Add to Groups : True
Group Membership: http://schemas.microsoft.com/ws/2008/06/identity/claims/groups
NameIdPolicy Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Synchronized Attributes: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress=profile/email
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname=profile/givenName
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname...
What I am missing here?
Solved! Go to Solution.
Views
Replies
Total Likes
You can set up a Logger to debug any issues arising from misconfiguring SAML. You can do this by:
Going to the Web Console at http://localhost:4502/system/console/configMgr
Search for and click on the entry called Apache Sling Logging Logger Configuration
Create a logger with the following configuration:
@Aditya3343 groupmembership is the field which should get the group name from assertion response from SAML.. so make sure of that.
You can set up a Logger to debug any issues arising from misconfiguring SAML. You can do this by:
Going to the Web Console at http://localhost:4502/system/console/configMgr
Search for and click on the entry called Apache Sling Logging Logger Configuration
Create a logger with the following configuration:
Views
Likes
Replies
Views
Likes
Replies