漏洞
Manually-created members in the ArcGIS Enterprise portal are not automatically added into Security Assertion Markup Language (SAML) groups.
| 漏洞 ID 编号 | BUG-000167760 |
|---|---|
| 已提交 | May 23, 2024 |
| 上次修改时间 | June 17, 2025 |
| 适用范围 | Portal for ArcGIS |
| 找到的版本 | 11.2 |
| 操作系统 | Windows Server |
| 操作系统版本 | 2022 |
| 状态 | Known Limit |
附加信息
All communication related to users and groups for SAML logins is only one way: from the SAML identity provider (IdP) to Portal for ArcGIS. The SAML IdP must be configured to send the group attribute and value in the SAML assertion. When manually adding users into the ArcGIS Enterprise portal through the 'Add members for organization-specific login' option and attempting to add the users into existing SAML-based groups, those users are not added into those groups. This is because no group attribute or value is being communicated between the ArcGIS Enterprise portal and the IdP. Since it is not possible to establish a SAML connection between the IdP and the ArcGIS Enterprise portal when users are manually created, the workflow of manually adding users into existing SAML groups is a known limitation of the SAML protocol.解决办法
Log in to the ArcGIS Enterprise portal through SAML for the first time. User types and roles can be altered by the administrator, and SAML groups are to be correctly assigned on login.
Similarly, users can alter their IdP settings to communicate group information through SAML to the ArcGIS Enterprise portal through the group names rather than IDs.
重现步骤
漏洞 ID: BUG-000167760
软件:
- Portal for ArcGIS
当漏洞状态发生变化时获得通知
发现关于本主题的更多内容
搜索相关信息
查找与此主题相关的培训
探索想法并提供反馈
获取来自 ArcGIS 专家的帮助
下载 Esri 支持应用程序