1 Reply Latest reply on Apr 5, 2012 1:05 AM by Al_Maline

    How to pass displayname of Actvie Directory into SAML 2.0 assertion


      I would like to pass displayname attribute of AD into SAML 2.0 response where my Weblogic 10.3 acts as IdP for other SPs outside of my organization. I looked through all the documentation and only thing i could find relevant was to develop my own class which implements SAML2CredentialMapper and SAMLCredentialAttributeMapper interfaces and implement mapSubject() and mapAttribtue() methods respectively and configure my class in Name Mapper Class name in Provider Specific tab on SAML2CredentailMapper.

      My issue is that 1. I do not see my mapAttrbitues() method being called by Weblogic during SAML assertion generation and 2. How do I even populate displayname attribute from my AD into Weblogic’s ContextHandler and also populate in SAML response.

      Please note that my Weblogic has AD Provider configured as one of the authenticators.

      Thanks for you help,