Sitecore Asked by Arvind Gehlot on December 11, 2021
The configuration for federated authentication was working fine with Sitecore version 8.2.
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/" xmlns:role="http://www.sitecore.net/xmlconfig/role/">
  <sitecore role:require="Standalone or ContentDelivery or ContentManagement">
    <settings>
      <setting name="ClientId" value="MyValue" />
      <setting name="AADInstance" value="https://login.microsoftonline.com/{0}" />
      <setting name="Tenant" value="MyValue" />
      <setting name="PostLogoutRedirectURI" value="MyValue" />
      <setting name="RedirectURI" value="MyValue" />
    </settings>
    <pipelines>
      <owin.identityProviders>
        <processor type="MyValue.Foundation.AzureAD.CustomAzureADIdentityProvider, MyValue.Foundation.AzureAD" resolve="true" />
      </owin.identityProviders>
    </pipelines>
    <federatedAuthentication>
      <identityProviders hint="list:AddIdentityProvider">
        <identityProvider id="xp0.sc.azureAD"
                          type="Sitecore.Owin.Authentication.Configuration.DefaultIdentityProvider, Sitecore.Owin.Authentication">
          <param desc="name">$(id)</param>
          <param desc="domainManager" type="Sitecore.Abstractions.BaseDomainManager" resolve="true" />
          <caption>Sign-in with Azure Active Directory</caption>
          <domain>sitecore</domain>
          <icon>/sitecore/shell/themes/standard/Images/24x24/msazure.png</icon>
          <transformations hint="list:AddTransformation">
            <transformation name="Idp Claim" ref="federatedAuthentication/sharedTransformations/setIdpClaim" />
            <transformation name="Transform to Sitecore DEV Role" type="Sitecore.Owin.Authentication.Services.DefaultTransformation, Sitecore.Owin.Authentication">
              <sources hint="raw:AddSource">
                <claim name="groups" value="2b53eea7-21e2-49bf-9e9c-607904029ff6" />
              </sources>
              <targets hint="raw:AddTarget">
                <claim name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" value="SitecoreDeveloper" />
              </targets>
              <keepSource>true</keepSource>
            </transformation>
          </transformations>
        </identityProvider>
      </identityProviders>
      <propertyInitializer type="Sitecore.Owin.Authentication.Services.PropertyInitializer, Sitecore.Owin.Authentication">
        <maps hint="list">
          <map name="email claim" type="Sitecore.Owin.Authentication.Services.DefaultClaimToPropertyMapper, Sitecore.Owin.Authentication">
            <data hint="raw:AddData">
              <!--claim name-->
              <source name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" />
              <!--property name-->
              <target name="Email" />
            </data>
          </map>
          <map name="Name claim" type="Sitecore.Owin.Authentication.Services.DefaultClaimToPropertyMapper, Sitecore.Owin.Authentication">
            <data hint="raw:AddData">
              <!--claim name-->
              <source name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" />
              <!--property name-->
              <target name="Name" />
            </data>
          </map>
        </maps>
      </propertyInitializer>
      <identityProvidersPerSites>
        <mapEntry name="all" type="Sitecore.Owin.Authentication.Collections.IdentityProvidersPerSitesMapEntry, Sitecore.Owin.Authentication">
          <sites hint="list">
            <site>shell</site>
            <site>login</site>
            <site>admin</site>
            <site>service</site>
            <site>modules_shell</site>
            <site>modules_website</site>
            <site>website</site>
            <site>scheduler</site>
            <site>system</site>
            <site>publisher</site>
          </sites>
          <identityProviders hint="list:AddIdentityProvider">
            <identityProvider ref="federatedAuthentication/identityProviders/identityProvider[@id='xp0.sc.azureAD']" />
          </identityProviders>
          <externalUserBuilder type="Sitecore.Owin.Authentication.Services.DefaultExternalUserBuilder, Sitecore.Owin.Authentication">
            <param desc="isPersistentUser">true</param>
          </externalUserBuilder>
        </mapEntry>
      </identityProvidersPerSites>
    </federatedAuthentication>
  </sitecore>
</configuration>
When I tried the same configuration on Sitecore 9.1, I am getting the below exception at the transformation of the Idp claim.
Could not find configuration node:
federatedAuthentication/sharedTransformations/setIdpClaim
Any resolution?
I went through the issue in greater detail and found the solution.
I replaced the configuration for Idp Claim transformation from
<transformation name="Idp Claim" ref="federatedAuthentication/sharedTransformations/setIdpClaim" />
to
<transformation name="Idp Claim" type="Sitecore.Owin.Authentication.Services.SetIdpClaimTransform, Sitecore.Owin.Authentication" />
This resolved my issue.
Answered by Arvind Gehlot on December 11, 2021
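The failure above comes from a ref attribute that points at a node missing from the configuration. The following is an added example, not part of the original question or answer and not Sitecore code: it lists every ref that resolves to no node under <sitecore>. It assumes the merged configuration has been saved as one XML document (for instance the output of /sitecore/admin/showconfig.aspx); the function name unresolved_refs and the trimmed sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed config that keeps only the two ref attributes from the page.
SAMPLE = """<configuration>
  <sitecore>
    <federatedAuthentication>
      <identityProviders hint="list:AddIdentityProvider">
        <identityProvider id="xp0.sc.azureAD">
          <transformations hint="list:AddTransformation">
            <transformation name="Idp Claim" ref="federatedAuthentication/sharedTransformations/setIdpClaim" />
          </transformations>
        </identityProvider>
      </identityProviders>
      <identityProvidersPerSites>
        <mapEntry name="all">
          <identityProviders hint="list:AddIdentityProvider">
            <identityProvider ref="federatedAuthentication/identityProviders/identityProvider[@id='xp0.sc.azureAD']" />
          </identityProviders>
        </mapEntry>
      </identityProvidersPerSites>
    </federatedAuthentication>
  </sitecore>
</configuration>"""


def unresolved_refs(config_xml):
    """Return (tag, name or id, ref) for every ref that matches no node under <sitecore>."""
    root = ET.fromstring(config_xml)
    sitecore = root if root.tag == "sitecore" else root.find("sitecore")
    if sitecore is None:
        raise ValueError("no <sitecore> element found")
    missing = []
    for el in sitecore.iter():
        ref = el.get("ref")
        if ref is None:
            continue
        try:
            # ref paths are relative to <sitecore>; ElementTree handles [@id='...'] predicates.
            target = sitecore.find(ref.strip("/"))
        except SyntaxError:  # a path ElementTree cannot parse is reported as unresolved
            target = None
        if target is None:
            missing.append((el.tag, el.get("name") or el.get("id") or "", ref))
    return missing


if __name__ == "__main__":
    for tag, label, ref in unresolved_refs(SAMPLE):
        print(f"<{tag} {label!r}>: could not find configuration node: {ref}")
```

Run against the sample, it reports only the "Idp Claim" transformation; the identityProvider ref in identityProvidersPerSites resolves because its target node exists.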