I am having some difficulty while implementation. If I don't provide user_creator service and user authenticated successfully, the system stuck in loop keep redirecting to IdP and IdP keep sending back to SP. I think this is because the user not authorized so token not generated so SP send to IdP but user is authenticated so IdP send back user to SP.
I remember I had a similar issue in SamlSPBundle and I overcome this by setting user role to something which is not in system. This stops the user at SP with 403 error as user is not authorized. I unable to do same here unless I have to override authenticate function in LightsSamlSpAuthenticationProvider.
Is there some better way to handle this case without overriding? I am avoiding this as it is hard to maintain for subsequent updates. Thanks
Hi,
I am having some difficulty while implementation. If I don't provide user_creator service and user authenticated successfully, the system stuck in loop keep redirecting to IdP and IdP keep sending back to SP. I think this is because the user not authorized so token not generated so SP send to IdP but user is authenticated so IdP send back user to SP.
I remember I had a similar issue in SamlSPBundle and I overcome this by setting user role to something which is not in system. This stops the user at SP with 403 error as user is not authorized. I unable to do same here unless I have to override
authenticate
function inLightsSamlSpAuthenticationProvider
.Is there some better way to handle this case without overriding? I am avoiding this as it is hard to maintain for subsequent updates. Thanks