发起问题

jj-ac 的档案 - activity

2019-07-03 07:09:29 -0500 获得奖牌  受欢迎的问题 (source)
2019-07-03 07:09:29 -0500 获得奖牌  著名问题 (source)
2019-07-03 07:09:29 -0500 获得奖牌  热门的问题 (source)
2017-05-09 06:13:49 -0500 评论问题 Mapping of user attributes in saml Federation

we also confirmed the mail attribute isn't empty by using it as username and vice versa

2017-05-09 06:11:11 -0500 问了问题 Mapping of user attributes in saml Federation

Hi everybody, we setup a (miratis fuel) Mitaka Environment. We also have configured saml Federation (with Sibboleth). We noticed that the mapping for the user attribute email wont work. We configure it like this:

    [{
                "local": [{
                        "user": {
                                "name": "{0}",
                                "email": "{1}"
                        },
                        "group": {
                                "name": "shib-group-users",
                                "domain": { "id": "12345abcd"}
                        }
                }],
                "remote": [{
                        "type": "persistent-id"
                }, {
                        "type": "mail"
                }]
}]

since Openstack mapping create accepts this mapping and login works, we expect it to be correct.

Expected result:

root@node-9:~# openstack user list --long
+----------+-------+---------+----------+-------------+----------------------+---------+
| ID       | Name  | Project | Domain   | Description | Email                | Enabled |
+----------+-------+---------+----------+-------------+----------------------+---------+
| 12345abc | admin |         | default  |             | admin@localhost      | True    |
| 23451bca | usera |         | None     |             | usera@dom.tld        | True    |
| 34512cab | userb |         | None     |             | userb@dom.tld        | True    |

what we get:

root@node-9:~# openstack user list --long
+----------+-------+---------+----------+-------------+----------------------+---------+
| ID       | Name  | Project | Domain   | Description | Email                | Enabled |
+----------+-------+---------+----------+-------------+----------------------+---------+
| 12345abc | admin |         | default  |             | admin@localhost      | True    |
| 23451bca | usera |         | None     |             |                      | True    |
| 34512cab | userb |         | None     |             |                      | True    |

First question: what's wrong? our expectation, our mapping or is this simply a bug/not implemented

Second question: will this cane in the future or already has changed in newer releases?

Thanks for your response

2017-04-07 02:37:04 -0500 获得奖牌  拥护者 (source)
2017-04-04 17:18:41 -0500 问了问题 Why there is no email stored for federated users

We have setup a Mitaka OpenStack environment with a Shibbolet federation. The users are mapped with an email address, but when w do openstack user list --long there are no email addresses listed for those federated users?