Hi All, After migrating the AppManager from kernel 4.2.0 to kernel 4.4.5 , fully qualified name is not working as expected.
We use file based SP configuration for Store app and Publisher app(attached sso-idp-config files used in both kernel versions). In kernel 4.2.0 , when login to store/publisher app, SAML response has user name with tenant domain as subject for tenants except carbon super tenant. After migration , SAML response has only user name as subject.Tenant domain is missing for tenants. Also when checked the option "Use tenant domain in local subject identifier" under "Local & Outbound Authentication Configuration" for SPs created through UI, it appends the "carbon.super" domain for super tenant users. Thanks -- Jenananthan Yogendran *Software Engineer,* *WSO2 inc., http://wso2.com <http://wso2.com>*
<!-- ~ Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. ~ ~ WSO2 Inc. licenses this file to you under the Apache License, ~ Version 2.0 (the "License"); you may not use this file except ~ in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, ~ software distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the License for the ~ specific language governing permissions and limitations ~ under the License. --> <SSOIdentityProviderConfig> <TenantRegistrationPage>https://stratos-local.wso2.com/carbon/tenant-register/select_domain.jsp</TenantRegistrationPage> <ServiceProviders> <ServiceProvider> <Issuer>store</Issuer> <AssertionConsumerService>https://localhost:9443/store/acs</AssertionConsumerService> <SignResponse>true</SignResponse> <CustomLoginPage>/store/login.jag</CustomLoginPage> </ServiceProvider> <ServiceProvider> <Issuer>social</Issuer> <AssertionConsumerService>https://localhost:9443/social/acs</AssertionConsumerService> <SignResponse>true</SignResponse> <CustomLoginPage>/social/login</CustomLoginPage> </ServiceProvider> <ServiceProvider> <Issuer>publisher</Issuer> <AssertionConsumerService>https://localhost:9443/publisher/acs</AssertionConsumerService> <SignResponse>true</SignResponse> <CustomLoginPage>/publisher/controllers/login.jag</CustomLoginPage> </ServiceProvider> </ServiceProviders> </SSOIdentityProviderConfig>
<!-- ~ Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. ~ ~ WSO2 Inc. licenses this file to you under the Apache License, ~ Version 2.0 (the "License"); you may not use this file except ~ in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, ~ software distributed under the License is distributed on an ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY ~ KIND, either express or implied. See the License for the ~ specific language governing permissions and limitations ~ under the License. --> <SSOIdentityProviderConfig> <TenantRegistrationPage>https://stratos-local.wso2.com/carbon/tenant-register/select_domain.jsp</TenantRegistrationPage> <ServiceProviders> <ServiceProvider> <Issuer>store</Issuer> <AssertionConsumerServiceURLs> <AssertionConsumerServiceURL>https://localhost:9443/store/acs</AssertionConsumerServiceURL> </AssertionConsumerServiceURLs> <DefaultAssertionConsumerServiceURL>https://localhost:9443/store/acs</DefaultAssertionConsumerServiceURL> <SignResponse>true</SignResponse> <CustomLoginPage>/store/login.jag</CustomLoginPage> </ServiceProvider> <ServiceProvider> <Issuer>social</Issuer> <AssertionConsumerServiceURLs> <AssertionConsumerServiceURL>https://localhost:9443/social/acs</AssertionConsumerServiceURL> </AssertionConsumerServiceURLs> <DefaultAssertionConsumerServiceURL>https://localhost:9443/social/acs</DefaultAssertionConsumerServiceURL> <SignResponse>true</SignResponse> <CustomLoginPage>/social/login</CustomLoginPage> </ServiceProvider> <ServiceProvider> <Issuer>publisher</Issuer> <AssertionConsumerServiceURLs> <AssertionConsumerServiceURL>https://localhost:9443/publisher/acs</AssertionConsumerServiceURL> </AssertionConsumerServiceURLs> <DefaultAssertionConsumerServiceURL>https://localhost:9443/publisher/acs</DefaultAssertionConsumerServiceURL> <SignResponse>true</SignResponse> <CustomLoginPage>/publisher/controllers/login.jag</CustomLoginPage> </ServiceProvider> </ServiceProviders> </SSOIdentityProviderConfig>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev