You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
They use multi-organisational schema so primary identifier should be user@realm.
Now when they log in as [email protected], account name is 'user'.
This is a problem because there could be more logins 'user' for different organisations.
They need to have the username non-stripped so they can fully utilise multi-tenant setup.
Strip Realm from UserID: Strips all data starting with the delimiter character from the user ID. This allows a submitted user ID, such as an email address ([email protected]), to be authenticated as the UserID which is happening now.
They have used trusted header authentication with apache and shibboleth before.
What?
Customer would like to use EPPN (eduPersonPrincipalName) instead of login name for OIDC.
From Support issue: https://github.com/Graylog2/support/issues/58
Why?
They use multi-organisational schema so primary identifier should be user@realm.
Now when they log in as [email protected], account name is 'user'.
This is a problem because there could be more logins 'user' for different organisations.
They need to have the username non-stripped so they can fully utilise multi-tenant setup.
They have used trusted header authentication with apache and shibboleth before.
Customer Environment
Graylog Version: 6.0.3
(created from Zendesk ticket #600)
gz#600
The text was updated successfully, but these errors were encountered: