Closed mefarazath closed 3 years ago
Thank you for your contribution! We are closing this issue since it has not been prioritized for a long time. Chances are that it has already been solved in more recent versions. If not, we will be re-evaluating this when it becomes a priority.
From IS 5.6.0 we are creating a user accounting association during JIT provisioning (see [1], [2]). This association will later be used to determine whether a user can login as associated local user.
However, this behaviour is not present in 5.3.0. So this is a behavioural change introduced in JIT Provisioning handler. This behavioural change will cause any extensions written extending the provisioning logic not to deliver expected results.
This should be taken into consideration during migration and notify any extension developer to included the behavioural change into his extension.
This should be the same for other extension points as well.
[1] https://github.com/wso2/carbon-identity-framework/blob/master/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/provisioning/impl/DefaultProvisioningHandler.java#L162
[2] https://github.com/wso2/carbon-identity-framework/blob/master/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/provisioning/impl/DefaultProvisioningHandler.java#L176