  1. Keycloak
  2. KEYCLOAK-13350

RH-SSO does not handle hardcoded role mapper correctly with several IDPs

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: RH-SSO-7.3.6
    • Fix Version/s: None
    • Component/s: Protocol - SAML, RH-SSO
    • Labels:
      None
    • Docs QE Status:
      NEW
    • QE Status:
      NEW
    • QE Test Coverage:
      -

      Description

      When a user is authenticating for the first time against an IDP, the user is created and the Identity Provider mapper hardcoded role is added to the effective user role list.

      When the user (once created) is authenticating against another IDP, the hardcoded role coming from the Identity Provider mapper relative to this IDP is ignored, and never added to the user's effective role list.

              People

              • Assignee: Unassigned
              • Reporter: orivat_redhat Olivier Rivat
              • Votes: 0
              • Watchers: 2

                Dates

                • Created:
                  Updated:
                  Resolved: