I have tried to configure SSO with SAML and Alfresco cloud working with a public IDP, http://www.ssocircle.com.
But I encountered a problem: after authentication on the IDP, Alfresco received back in the assertion the email address used as user id in our cloud, but the attribute returned by ssocircle is “emailaddress”, not “email” as expected by Alfresco. Therefore authentication was failing.
line 83: String email = attributes.get(AlfrescoSAMLAttributes.Email.toString().toLowerCase());
If I replace line 83 by:
String email = attributes.get("emailaddress");
then it works fine!
Note: While configuring the IDP, adding Alfresco as a new service provider, I checked the checkbox asking to include “email” in the assertion.
As a guide to the configuration, I have used this video: https://www.youtube.com/watch?v=bk-gCYfNVT8
The application used in the video is not Alfresco, but if you look around minute “5:22” in the video there is a sequence where a mapping of NameIDFormat is done. The mapping seems to specify the attribute name expected from the IDP and how it will be mapped to a DB field. I can't find anything equivalent in Alfresco.
Should that type of mapping be added to Alfresco in order to be able to integrate with more IDPs?
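
The kind of per-IDP attribute mapping the question asks about, as an added example that is not Alfresco's code and not part of the original post. The class `SamlEmailAttributeMapper`, its configured name list and the sample attribute values are assumptions; it accepts only attribute names explicitly configured for the IDP and fails closed when two of them carry different addresses.

```java
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;

// Hypothetical helper (not an Alfresco class): resolves the user's email from
// the SAML attribute map using names configured per IDP instead of one
// hard-coded key.
public class SamlEmailAttributeMapper {
    private final List<String> acceptedNames = new ArrayList<>();

    public SamlEmailAttributeMapper(List<String> configuredNames) {
        for (String name : configuredNames) {
            acceptedNames.add(name.toLowerCase(Locale.ROOT));
        }
    }

    public Optional<String> resolveEmail(Map<String, String> attributes) {
        // Normalise attribute names once so the lookup is case-insensitive.
        Map<String, String> byLowerName = new HashMap<>();
        attributes.forEach((k, v) -> byLowerName.put(k.toLowerCase(Locale.ROOT), v));

        String found = null;
        for (String name : acceptedNames) {
            String value = byLowerName.get(name);
            if (value == null || value.trim().isEmpty()) continue;
            String candidate = value.trim();
            // Two configured attributes naming different users is ambiguous:
            // refuse to pick one rather than log in the wrong account.
            if (found != null && !found.equalsIgnoreCase(candidate)) return Optional.empty();
            found = candidate;
        }
        return Optional.ofNullable(found);
    }

    public static void main(String[] args) {
        // Mapping an administrator would configure for this IDP (assumed values).
        SamlEmailAttributeMapper mapper =
                new SamlEmailAttributeMapper(List.of("email", "emailaddress"));

        // Constructed sample attribute maps, not captured from a real assertion.
        System.out.println(mapper.resolveEmail(Map.of("EmailAddress", "user@example.com")));
        System.out.println(mapper.resolveEmail(Map.of("email", "user@example.com")));
        System.out.println(mapper.resolveEmail(Map.of("uid", "user1")));
        System.out.println(mapper.resolveEmail(
                Map.of("email", "a@example.com", "emailaddress", "b@example.com")));
    }
}
```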