Test scenarios and setup for testing SSO
| Jira Legacy |
|---|
| server | System Jira |
|---|
| serverId | 4f23a7bf-fe0d-390f-9b92-bdff15338913 |
|---|
| key | DRYD-1518 |
|---|
|
using Auth0 as an IdP
...
Configuration Scenario 11 | |
|---|
Scenario Description | Using untyped Attributes. Email address asserted as username, other id asserted as sso-id with each being asserted in a different attribute |
Precondition | Create a user on CSpace with the email testconfig5@example.com |
Auth0 Mappings | | Code Block |
|---|
{
"mappings": {
"user_id": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
}
} |
|
Auth0 Additional Settings | typedAttributes: false (Verify this by using the debug output option in Auth0 and confirm that the attributes are in fact untyped as in the excerpt below)
|
Relevant SAML Config on CSpace Server | | Code Block |
|---|
<assertion-username-probes>
.<attribute name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
</assertion-username-probes>
<assertion-sso-id-probes>
. <attribute name="http://schemas.auth0.com/identifier" />
</assertion-sso-id-probes> |
|
Relevant IDP Metadata excerpt | <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string">testconfig5@exampleAttributeValue>testconfig5@example.com</saml:AttributeValue> </saml:Attribute>
<saml:Attribute Name="http://schemas.auth0.com/identifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml:AttributeValue xsi:type="xs:string">auth0AttributeValue>auth0|6729603aba7c0c3e1bdf28d5</saml:AttributeValue> </saml:Attribute>
|
Expected behavior upon initial login | User is found and login succeeds |
Expected behavior after changing email address on Auth0 IdP | User is found and login succeeds (because attribute that is used for sso-id hasn’t changed) |