Hi Hasanthi, When we added this configuration, the expectation was to add the tenant domain to the subject identifier no matter what is used as the subject claim or it is a requested claim (it can be username or telephone number, if this is enabled tenant domain should be appended). If we deviate from this there can be lots of unexpected inconsistencies.
Thanks, Maduranga Siriwardena Senior Software Engineer WSO2 Inc; http://wso2.com/ On May 5, 2017 2:03 PM, "Isura Karunaratne" <[email protected]> wrote: > Hi, > > On Fri, May 5, 2017 at 10:59 AM, Hasanthi Purnima Dissanayake < > [email protected]> wrote: > >> Hi All, >> >> There are few jiras [1],[2],[3],[4] reported related to the above >> attribute and thought of discussing the expected behavior of this attribute. >> >> AFAIU if the above attribute is checked in both federated and local >> scenarios: >> - the tenant domain should append with the sub claim even when the >> username is added as a requested claim or username is set as the subject >> claim uri. >> >> If the above attribute is unchecked : >> - The tenant domain should not append with the sub claim even when the >> user name is subject claim uri or a requested claim. >> > >> [1] https://wso2.org/jira/browse/IDENTITY-5013 >> [2] https://wso2.org/jira/browse/IDENTITY-4931 >> [3]https://wso2.org/jira/browse/IDENTITY-4956 >> [4]https://wso2.org/jira/browse/IDENTITY-4470 >> >> Please let me know if the behavior of this attribute is something >> different. >> > Yes. That is the behavior of 'Use tenant domain in local subject > identifier" attribute. > > Thanks > Isura. > >> >> >> Thanks, >> >> Hasanthi Dissanayake >> >> Software Engineer | WSO2 >> >> E: [email protected] >> M :0718407133| http://wso2.com <http://wso2.com/> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > *Isura Dilhara Karunaratne* > Senior Software Engineer | WSO2 > Email: [email protected] > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
