diff options
author | Vishakha Agarwal <agarwalvishakha18@gmail.com> | 2018-08-02 16:31:54 +0530 |
---|---|---|
committer | Vishakha Agarwal <agarwalvishakha18@gmail.com> | 2020-03-19 20:14:41 +0530 |
commit | dda426b61a18590a81c5b3af281eb0c410756692 (patch) | |
tree | 80c4df4d98ff8be30b7124b72799f26fb424ed64 /devstack | |
parent | 326b014434cc760ba08763e1870ac057f7917e98 (diff) | |
download | keystone-dda426b61a18590a81c5b3af281eb0c410756692.tar.gz |
Add openstack_groups to assertion
Currently, a keystone IdP does not provide the
groups to which user belong when generating SAML
assertions.This patch adds an additional attribute
called "openstack_groups" in the assertion.
Change-Id: I205e8bbf9a4579b16177f57e29e363f4205a2b48
Closes-Bug: #1641625
Diffstat (limited to 'devstack')
-rw-r--r-- | devstack/files/federation/attribute-map.xml | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/devstack/files/federation/attribute-map.xml b/devstack/files/federation/attribute-map.xml index 4094caad0..6e1b3c7da 100644 --- a/devstack/files/federation/attribute-map.xml +++ b/devstack/files/federation/attribute-map.xml @@ -12,6 +12,7 @@ <Attribute id="openstack_roles" name="openstack_roles"/> <Attribute id="openstack_user" name="openstack_user"/> <Attribute id="openstack_user_domain" name="openstack_user_domain"/> + <Attribute id="openstack_groups" name="openstack_groups"/> <!-- First some useful eduPerson attributes that many sites might use. --> <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="eppn"> |