-
Type:
Improvement
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 8.10
-
Fix Version/s: QualifiedToSchedule
-
Component/s: Authentication, SAML
-
Tags:
-
Backlog priority:500
I am attempting to complete Okta integration using the saml2-authentication add-on on and the nuxeo-usermapper service. The problem is that there is no way to assign groups from the mapperScript when using JavaScript; there is no context object for the group assignment (check out org.nuxeo.usermapper.extension.NashornUserMapper.java). I am following the readme here:
https://github.com/nuxeo/nuxeo/blob/master/nuxeo-services/nuxeo-usermapper/README.md
Without group assignment, the js mapperScript is actually not useful, unless the groups are manually assigned after the user has connected at least once, because you end up with a user who has no groups.
NB: I am assuming that I will be able to complete the group assignment using Groovy; even though there is no context object for groups, I can create one.