On Wed, Jun 1, 2022 at 6:51 PM Vieri <rentor...@yahoo.com.invalid> wrote:
> Any ideas on this matter? > It's important to correctly honor groups sent via SAML. > > I see this: > > SAMLAuthenticatedUser.java: List<String> samlGroups = > identity.getAttributes().get(confService.getGroupAttribute()); > > called in: > > SAMLAuthenticatedUser.java: private Set<String> > getGroups(AssertedIdentity identity) > > called by: > > SAMLAuthenticatedUser.java: super.init(identity.getUsername(), > credentials, getGroups(identity), getTokens(identity)); > > and in the tomcat log everything seems to be in order: > > o.a.g.a.j.b.E.selectEffectiveGroupIdentifiers - ==> Parameters: > 3(Integer), group1(String), group2(String), My_Group(String), group3(String) > > Does the case of the groups created in JDBC match the case in this log message? So, for example, is your JDBC group called "group1" or "Group1" or "GROUP1"? It needs to match exactly. -NIck
