Based on this epic SAML Core Features we extracted the following issues to test and investigate:
1) "Features". Should we implement a link to login using IDP? (similar to Okta)
2) Check if alfresco admin tools page shows logs and errors properly, if logs don't display too much information. Also a clear error when I cannot log in due to a server misconfiguration (similar to REPO-586)
3) Do we overwrite the user from Keycloak in Share? similar to REPO-1074
4) Test faceted search -similar to REPO-1584
5) Test AIMS with cluster
6) What happens to the Share webscripts when AIMS is in place?
7) How to handle removal of users(and account disable)?
8) AIMS Integration with RM, DW, MM, AOS, SS and all amps REPO-629
9) Logout from DW -do you also log out from Share Keycloak? (potential issue)
10) No matter the authentication chain configuration, the Administrator account should be able to log in with a password and configure the system. Is it relevant to implement this in Share? (similar to REPO-651)
11) When we logout from Keycloak Session do we logout from Share? REPO-675
12) Can I access sites and resources from alfresco if I an not logged in? REPO-592
13) User and properties mapping Keycloak-Share is corect? REPO-685
14) Do we want AIMS to be available for Community Edition?
15) What happens when Share is AIMS configured but ACS does not support it?
16) LDAP and Keycloak. If a system with usersis already in place, which laters implements SSO, what happens to those users? REPO-652
17) If IDP is not working, can you log into Keycloak?
18) When you log into Admin Console or API will you also log into Share?