honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Fixed broken role mapping link 

Original commit: elastic/x-pack-elasticsearch@97b8fae993
This commit is contained in:
lcawley 2018-02-16 09:58:34 -08:00
parent 3890875a88
commit 5a445c82fb
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/en/security/authentication/saml-guide.asciidoc
View File

@ -614,7 +614,7 @@ PUT /_xpack/security/role_mapping/saml-kibana
The attributes that are mapped via the realm configuration are used to process The attributes that are mapped via the realm configuration are used to process
role mapping rules, and these rules determine which roles a user is granted. role mapping rules, and these rules determine which roles a user is granted.
The <<mapping-roles-rule-field, user fields>> that are provided to the role The user fields that are provided to the role
mapping are derived from the SAML attributes as follows: mapping are derived from the SAML attributes as follows:
- `username`: The `principal` attribute - `username`: The `principal` attribute
@ -622,6 +622,9 @@ mapping are derived from the SAML attributes as follows:
- `groups`: The `groups` attribute - `groups`: The `groups` attribute
- `metadata`: See <<saml-user-metadata>> - `metadata`: See <<saml-user-metadata>>
For more information, see <<mapping-roles>> and
{ref}/security-api-role-mapping.html[Role Mapping APIs].
If your IdP has the ability to provide groups or roles to Service Providers, If your IdP has the ability to provide groups or roles to Service Providers,
then you should map this SAML attribute to the `attributes.groups` setting in then you should map this SAML attribute to the `attributes.groups` setting in
the {es} realm, and then make use of it in a role mapping as per the example the {es} realm, and then make use of it in a role mapping as per the example