[
https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15094228#comment-15094228
]
Larry McCay commented on KNOX-641:
----------------------------------
I agree that those improvements can be made through follow up JIRAs, [~jleleu].
A usecase for different usernames would be one in which the email address can
be truncated at the @ sign and assumed to be the username in the Hadoop
cluster. We would then setup the pac4j provider for SAML or OpenIdC and
indicate that we want the email address as the primary principal. Then setup
the regex identity assertion provider to extract the username from the primary
principal.
That said...
Can you provide instructions for SAML with okta so that I can reproduce
(assuming that you used okta)?
I have heard of interest in okta integration in the past as well - so that
would be great to get documented properly.
> Support CAS / OAuth / OpenID C / SAML protocols using pac4j
> -----------------------------------------------------------
>
> Key: KNOX-641
> URL: https://issues.apache.org/jira/browse/KNOX-641
> Project: Apache Knox
> Issue Type: New Feature
> Reporter: Jérôme Leleu
> Assignee: Jérôme Leleu
> Fix For: 0.8.0
>
> Attachments: KNOX-641.patch, knox641.patch2
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
