<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=FR link=blue vlink="#954F72"><div class=WordSection1><p class=MsoNormal>Hi,</p><p class=MsoNormal>By default, mitreid look<span lang=EN-US> for user info into the table user_info.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>However, you can develop your own user info repository to fetch data from elsewhere.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>For instance, in a ldap server:</span><span lang=EN-US><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US>https://github.com/mitreid-connect/ldap-openid-connect-server/blob/master/ldap-server-overlay/src/main/java/edu/mit/kit/repository/impl/LdapUserInfoRepository.java</span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Envoyé de mon téléphone Windows 10</p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><div style='mso-element:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal style='border:none;padding:0cm'><b>De : </b><a href="mailto:ondrejvelisek@gmail.com">Ondřej Velíšek</a><br><b>Envoyé le :</b>jeudi 14 juillet 2016 12:53<br><b>À : </b><a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a><br><b>Objet :</b>[mitreid-connect] Persist user additional info</p></div><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif'><o:p> </o:p></span></p><p class=MsoNormal>Hi all,</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I try to use mitreid connect server with its overlay system. I have</p><p class=MsoNormal>apache infront of the mitreid srv, which is responsible for</p><p class=MsoNormal>authentication. I use preautheticationFilter. It somehow works.</p><p class=MsoNormal>However I cannot see any profile info in mitreid webapp.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>>From my naive point of view I need pass some object with unique userid</p><p class=MsoNormal>and other info (Such as names, email, ... for id_token) to mitreid and</p><p class=MsoNormal>it will save it in its DB. Such as Spring's UserDetails but it is too</p><p class=MsoNormal>simple or MItre's UserInfo but i do not know how to pass it and it</p><p class=MsoNormal>still does not contains any Map<String, String> for additional info</p><p class=MsoNormal>which I need to save.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>The problem is I need to add and persist additional info about the</p><p class=MsoNormal>person (few strings) and then get it with introspection. Actually in</p><p class=MsoNormal>general I do not know how to pass info about user to mitreid and</p><p class=MsoNormal>persist it. I've tried a few experiments without success.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I need it because user has more digital identities. So in</p><p class=MsoNormal>PreAuthenticationFilter I call external service which returns unique</p><p class=MsoNormal>userId from his identity and I use it in Mitre. However Resource</p><p class=MsoNormal>server needs to know which identity user used to generate token. So</p><p class=MsoNormal>the digital identity needs to be persisted in Mitre.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>So far this is my user-context.xml</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><mvc:view-controller path="/login" view-name="login" /></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><security:http auto-config="false" use-expressions="true"</p><p class=MsoNormal>entry-point-ref="http403EntryPoint" ></p><p class=MsoNormal> <security:intercept-url pattern="/authorize" access="hasRole('ROLE_USER')" /></p><p class=MsoNormal> <security:intercept-url pattern="/**" access="permitAll" /></p><p class=MsoNormal> <security:custom-filter ref="perunAuthenticationFilter"</p><p class=MsoNormal>position="PRE_AUTH_FILTER" /></p><p class=MsoNormal> <security:anonymous /></p><p class=MsoNormal></security:http></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><bean id="perunAuthenticationFilter"</p><p class=MsoNormal> class="cz.metacentrum.perun.oidc.PerunAuthenticationFilter"></p><p class=MsoNormal> <property name="authenticationManager" ref="authenticationManager" /></p><p class=MsoNormal></bean></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><security:authentication-manager alias="authenticationManager"></p><p class=MsoNormal> <security:authentication-provider ref="preauthAuthProvider" /></p><p class=MsoNormal></security:authentication-manager></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><bean id="preauthAuthProvider"</p><p class=MsoNormal> class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"></p><p class=MsoNormal> <property name="preAuthenticatedUserDetailsService"</p><p class=MsoNormal>ref="userDetailsService"/></p><p class=MsoNormal></bean></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><bean class="cz.metacentrum.perun.oidc.PerunUserDetailsService"</p><p class=MsoNormal>id="userDetailsService"/></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I hope I explain it well. I will be glad for any help.</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>cheers</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Ondrej</p><p class=MsoNormal>_______________________________________________</p><p class=MsoNormal>mitreid-connect mailing list</p><p class=MsoNormal>mitreid-connect@mit.edu</p><p class=MsoNormal>http://mailman.mit.edu/mailman/listinfo/mitreid-connect</p><p class=MsoNormal><o:p> </o:p></p></div></body></html>