24a36e6848
Active Directory Federation Services require that the subject name matches KeyName element when present. While KeyName is beneficial for Keycloak adapters, it breaks functionality for AD FS as the name included there is a key ID, not certificate subject expected by AD FS. This patch contains functionality that excludes KeyName from SAML messages to identity providers. This behaviour should be made configurable per client/identity provider and is prepared to do so, however actual GUI changes are left for a separate patch. |
||
---|---|---|
.. | ||
nbproject | ||
src | ||
pom.xml |