Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

user group can not be saved for a user when saml enabled

michaelowenwang
Level 2
Level 2

Hello,

I am using the saml handler 2.0 to integrated with IDP for the saml authentication, IDP is only authenticated users, it will not maintains the user groups. So the user groups we create and maintain them in AEM CRX. I am using default group attribute in Saml handler 2.0 of OSGI console, once user authenticated it can have access to login the AEM successfully. After user login to AEM, I add another user group for this user in AEM and save it successfully. However, when I using this account to relogin AEM again, the new user group I just added for this user disappear, only the user group which I configured in default group attribute of saml handler still exist. I believe this is the sync up problem and it will override all user information once user to be authenticated in AEM every time.

But I need to keep and save the user group information which I added in CRX for a user, any solution to keep and save all groups information when user do the saml authentication?

Best Wishes

Owen Wang

1 Accepted Solution
Sham_HC
Correct answer by
Level 10
Level 10

Currently it is as designed. Can be argued as bug or feature. Any case file an official support ticket.  The workaround I can think right now is custom implementation with extending  samlauthentication handler

View solution in original post

1 Reply
Sham_HC
Correct answer by
Level 10
Level 10

Currently it is as designed. Can be argued as bug or feature. Any case file an official support ticket.  The workaround I can think right now is custom implementation with extending  samlauthentication handler

View solution in original post