Hello,
I am using the saml handler 2.0 to integrated with IDP for the saml authentication, IDP is only authenticated users, it will not maintains the user groups. So the user groups we create and maintain them in AEM CRX. I am using default group attribute in Saml handler 2.0 of OSGI console, once user authenticated it can have access to login the AEM successfully. After user login to AEM, I add another user group for this user in AEM and save it successfully. However, when I using this account to relogin AEM again, the new user group I just added for this user disappear, only the user group which I configured in default group attribute of saml handler still exist. I believe this is the sync up problem and it will override all user information once user to be authenticated in AEM every time.
But I need to keep and save the user group information which I added in CRX for a user, any solution to keep and save all groups information when user do the saml authentication?
Best Wishes
Owen Wang