and more in a single search tool across platforms. Read the announcement here. |
10/18/2022 11:11 AM
Hello all,
We are attempting to set up AzureAD SSO on v2021, with a Single IDP set up. We are referencing the documentation here - https://saviynt.freshdesk.com/support/solutions/articles/43000661162-saml-metadata-files#SAMLMetadat....
There are 2 parameters that we have questions about:
a. grails.plugin.springsecurity.saml.autoCreate.active
b. grails.plugin.springsecurity.saml.autoCreate.key
These attributes suggest that - if the user successfully SSOs with AzureAd and is not found in EIC, then the user will be created in EIC.
We do not want this behavior. If the user doesn't exist in EIC, we don't want them to be logged in. They should just go to the EIC login page or some other page (or logout for e.g.).
Can I just comment these lines out of the config file?
Thanks
10/18/2022 11:47 AM
mark as false instead of commenting
grails.plugin.springsecurity.saml.autoCreate.active=false
grails.plugin.springsecurity.saml.autoCreate.key='username'
10/18/2022 11:01 PM
Hi @Former Member
There are three option you could follow in this scenario:
1. You could mark the parameters as false, as suggested by @rushikeshvartak
or you could
2. Comment it out like below
//grails.plugin.springsecurity.saml.autoCreate.active=false
//grails.plugin.springsecurity.saml.autoCreate.key='username'
or you could
3. All together remove(Delete) the parameters from the AuthenticationConfig.groovy file. Make sure to have a backup of the original file.
Let us know if this helps,