Jira SAML error Attribute could not be found

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問


プラットフォームについて: Data Center のみ - この記事は、Data Center プラットフォームのアトラシアン製品にのみ適用されます。

要約

After configuring JIT user provisioning, login fails with an error similar to: "Attribute [jira-software-users] could not be found". 

環境

Jira Data Center with SAML SSO for Jira Data Center applications enabled. 

診断

When attempting to login after configuring SAML SSO for Jira Data Center, login fails and an error similar to the example below is seen in the atlassian-jira.log file:

2021-08-23 19:00:00,446+0000 http-nio-8080-exec-45 ERROR anonymous - /plugins/servlet/samlconsumer [c.a.p.a.i.web.filter.ErrorHandlingFilter] Attribute [jira-software-users] could not be found
com.atlassian.plugins.authentication.impl.web.usercontext.impl.jit.JitException: Attribute [jira-software-users] could not be found
at com.atlassian.plugins.authentication.impl.web.usercontext.impl.jit.mapping.SamlUserDataFromIdpMapper.mapGroups(SamlUserDataFromIdpMapper.java:64)
at com.atlassian.plugins.authentication.impl.web.usercontext.impl.jit.mapping.SamlUserDataFromIdpMapper.mapUser(SamlUserDataFromIdpMapper.java:36)
at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.doPost(SamlConsumerServlet.java:102)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:652)

原因

The JIT provisioning field "Groups" does not support mapping expressions and requires only the name of an attribute/claim containing a list of group names. In this example, jira-software-users a value passed for the group attribute from the Identity Provider (IDP) that contains a list of group names. This problem will continue so long as the JIT provisioning field "Groups" does not contain the correct attribute name. 



ソリューション

Change the JIT provisioning field "Groups" to the name of the attribute configured on the IDP that contains a list of group names. 


最終更新日 2021 年 8 月 23 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.