An OSGi bundle that provides a SAML2 Web Profile Service Provider Authentication for Apache Sling using OpenSAML v4 libraries
Sling applications may authenticate users against an Identity Provider (idp) such as Keycloak Server or Shibboleth IDP.
User management is based on the OSGi bundle configuration and SAML2 Assertion
saml2groupMembershipAttrset with the value of the name of the SAML group membership attribute.
syncAttrscan be used to synchronize user properties released by the IDP for profile properties such as given name, family name, email, and phone.
Provide a Service User Mapper OSGI Config
Set up the system user “saml2-user-mgt”
jcr:allto this user on the
Provide a SAML2 OSGI Configuration