cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vogel, Sven" <>
Subject SAML / Keycloak (RH SSO) Authentification Problem
Date Thu, 22 Jun 2017 13:19:53 GMT
Hi Team, Hi Rohit,

we try to integrate keycloak as our SAML IDP. We use CS

1.       We defined users into LDAP and imported them in keycloak

2.       Created a IDP with keycloak and http://XXXX:8080/client/api?command=getSPMetadata
Metadata Information

3.       Map keycloak username to uid


4.       Import User from LDAP and Activate them to the SSO Instance


5.       We Choose the SAML Provider on the Cloudstack login page and we will redirected correctly
to the keycloak login page. we put our credentials into and redirection back to cloudstack
--After that we get the following error

<loginresponse cloud-stack-version="">
Failed to find admin configured username attribute in the SAML Response. Please ask your administrator
to check SAML user attribute name.

6.       When we look at a browser trace with a saml plugin we see a success.


7.       Our SAML Cloudstack Settings / they seems to be okay

our Web Developer tried it with a Simple SAML PHP Library and there all things work with keycloak.
We checked there all values and the uid. You will see the uid are correctly set. saml2.user.attribute.

Best regards

Sven Vogel
Head of Cloud Solutions

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message