We have an issue in integrating Salesforce IDP with AEM. SF can't send
the group attribute in the AEM required format like this Group1 Group2
but it will send the data like Group1, Group2.... We need to somehow
read this attribute and assign the user with proper groups. It is for
the publisher and we shall be using the CUG concept. Not sure if we have
to write our own auth handler just to update this one field, or can we
extend the SAML auth handler and override the create group method? Any
suggestion or

Dear All, I am facing a strange issue. I am using the QueryBuilder API
to search in our website. The requirement is to search both pages and
assets on specific paths, and if it's an asset then look for specific
types only, like PDF or Word etc., and look for the search term in the
title or description. I have built the query properly and the predicates
look like

Tuhin Ghosh wrote... By settings I meant configuration in the config
manager. Sorry for the confusion. Actually when I was doing a POC with
SAML I also faced this infinite loop issue, but then adding everyone and
content-authors in the default group solved the infinite loop issue for
me. If that is not working for you, then it is something else which may
be causing this issue. The idp_cert file is also correct, I guess. You
may refer to some of the below community articles. See if these help.

Also observed that every time it loops in, it creates a new user token.
I checked in tokenmagr and it keeps adding a new user token as we loop
in. But if we stop the loop and then hit the URL, then it respects that
user. So to conclude, somehow the SAML and AEM login service are not

Tuhin Ghosh wrote... Hi Ravi, Yes, that's how the SAML should work, it's
not necessary to have the user present in the crx. Just wondering if you
have tested adding the content-authors group in the settings and check
once. Thanks Tuhin

Hi Tuhin, What do you mean by adding in settings? I have added the
default group list in SAML configuration.

Tuhin Ghosh wrote... Hi Ravi, I guess you have not removed the everyone
group. Both 'everyone' and 'content-authors' are there, correct? Thanks
Tuhin

Hi Tuhin, I had both groups in the default list but still it didn't

Tuhin Ghosh wrote... Kindly try adding the content-author group and see
if that solves the issue. The OOTB SAML integration sometimes wants an
additional group other than everyone. If that works you could change it
to a more meaningful custom group later.

Hi Tuhin, I updated the default group to be content-author but it did
not help. It's still going into the infinite loop. As I remarked
earlier, it's looping between the AEM login service and the SAML login
service. One is redirecting to the other infinitely.