libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions
keycloak-scim/services/src/main/java/org/keycloak/broker/saml
History
Hynek Mlnarik 24a36e6848 KEYCLOAK-4057 Do not include KeyName for brokered IdPs 
Active Directory Federation Services require that the subject name
matches KeyName element when present. While KeyName is beneficial for
Keycloak adapters, it breaks functionality for AD FS as the name
included there is a key ID, not certificate subject expected by AD FS.

This patch contains functionality that excludes KeyName from SAML
messages to identity providers. This behaviour should be made
configurable per client/identity provider and is prepared to do so,
however actual GUI changes are left for a separate patch.
2016-12-09 14:33:40 +01:00
..
mappers Merge pull request #3554 from hassaneinaltememyictu/2.3.0-ictu-change-role-attributeToRoleMapper 2016-12-03 13:43:40 -05:00
SAMLDataMarshaller.java
SAMLEndpoint.java KEYCLOAK-4057 Do not include KeyName for brokered IdPs 2016-12-09 14:33:40 +01:00
SAMLIdentityProvider.java KEYCLOAK-4057 Do not include KeyName for brokered IdPs 2016-12-09 14:33:40 +01:00
SAMLIdentityProviderConfig.java KEYCLOAK-4057 Do not include KeyName for brokered IdPs 2016-12-09 14:33:40 +01:00
SAMLIdentityProviderFactory.java KEYCLOAK-1881 Support for multiple certificates in broker (hardcoded at the moment) 2016-11-04 21:53:43 +01:00