Skip to content
Snippets Groups Projects
Commit f5024c3c authored by Art's avatar Art :lizard:
Browse files

Remove the hardcoded "IDMGroups" expected from IdP

parent 6018a8f1
Branches
No related tags found
No related merge requests found
......@@ -32,6 +32,8 @@ SSO_REQUIRED_OUTSIDE_MANAGE_PY = True # enabled to ensure that production (that
SP_SLS_ENABLED = False # single log out creates too many problems, so it is disabled for now
SP_SLS_X_FRAME_OPTIONS = None # in case you encounter problems with SLS view not allowed inside of an iframe, e.g. "ALLOW-FROM idp-test.it.hs-hannover.de idp.hs-hannover.de"
GROUPS_SAML_ATTRIBUTE = "IDMGroups" # this SAML attribute is expected to contain list of groups for a user
"""
Settings you might want to change on development (don't change them for production):
"""
......
......@@ -28,7 +28,7 @@ ATTRIBUTE_MAPPING = dict(
forename="urn:oid:2.5.4.42",
surname="urn:oid:2.5.4.4",
uuid="UUID",
idm_groups="IDMGroups",
groups=app_settings.GROUPS_SAML_ATTRIBUTE,
)
......@@ -195,7 +195,7 @@ class ACSAuthNView(SAMLMixin, View):
)
auth_utils.set_user_groups(
user=user,
group_dn_list=get_attr("idm_groups", nullable=True, multivalued=True) or list()
saml2_groups=get_attr("groups", nullable=True, multivalued=True) or list()
)
auth_utils.cleanup_direct_permissions(user=user)
auth_utils.set_user_compat_flags(user=user)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment