How to change SAML attribute name
143 views
Skip to first unread message
Richard Frovarp
Sep 19, 2025, 6:13:50 PM (14 days ago) Sep 19
to cas-...@apereo.org
Something changed in 7+. It is now mapping known attributes to the URN
for the Name of the attribute. I have at least one service that despite
saying it needs the friendly name, isn't using that property to find the
attribute.
So I need:
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3">
to be
<saml2:Attribute FriendlyName="mail" Name="mail">
for this one service (and maybe others). Mapping the attribute doesn't
work. I've tried
"attributeNameFormats": {
"@class": "java.util.HashMap",
"urn:oid:0.9.2342.19200300.100.1.3": "basic"
},
but that hasn't worked either. I could probably change the SP to look
for the URNs, but I would really like to take care of this via IdP
service config for the legacy ones that are going to give me trouble.
Thanks,
Richard
for the Name of the attribute. I have at least one service that despite
saying it needs the friendly name, isn't using that property to find the
attribute.
So I need:
<saml2:Attribute FriendlyName="mail"
Name="urn:oid:0.9.2342.19200300.100.1.3">
to be
<saml2:Attribute FriendlyName="mail" Name="mail">
for this one service (and maybe others). Mapping the attribute doesn't
work. I've tried
"attributeNameFormats": {
"@class": "java.util.HashMap",
"urn:oid:0.9.2342.19200300.100.1.3": "basic"
},
but that hasn't worked either. I could probably change the SP to look
for the URNs, but I would really like to take care of this via IdP
service config for the legacy ones that are going to give me trouble.
Thanks,
Richard
Derek Badge
Sep 20, 2025, 1:04:41 PM (13 days ago) Sep 20
to CAS Community, Richard Frovarp
Eugene shared this with me and it fixed it for me: "Hey we experienced this we had to add an empty “samlidp-attribute-definitions.json” in your build the path src/main/resources/ . "
Richard Frovarp
Sep 23, 2025, 11:50:10 AM (10 days ago) Sep 23
to CAS Community
Thank you. Using that as a clue, I did some digging yesterday to see if I could figure something else out. I couldn't. So yeah, an empty file just lets it use whatever you have. And as I have been doing in the past, if I want the URNs, I just put them in the mapping in the service.
Thanks again.
Richard
Jérôme Rautureau
Sep 23, 2025, 3:42:41 PM (10 days ago) Sep 23
to CAS Community
Hello guys
I had thé same issue here on a 7.3.0-RC4 instance.
Done the same that said in the previous answer such as create an empty json file (aka {}) and it does the trick.
Thanks
Jérôme Rautureau
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/daa1d23d-9e40-420d-b43d-5125a4de0e0b%40ndsu.edu.
Eugene Willis
Sep 23, 2025, 3:42:53 PM (10 days ago) Sep 23
to cas-...@apereo.org, Community CAS
I believe in 7 build now it has changed how is setting or sending. The empty file sets it back to what applications are expecting to receive.
Sent from my iPhone
On Sep 23, 2025, at 11:50 AM, 'Richard Frovarp' via CAS Community <cas-...@apereo.org> wrote:
Reply all
Reply to author
Forward
0 new messages