PicketLink is not adding a custom attribute in SAMLResponse when a user logs in a second time from another machine

Solution Verified - Updated -

Issue

My user logs in twice to the IDP (different machines) and we do not get our custom attributes from PicketLink on the second login.

We have written our own AttributeManager as suggested in How can we add attributes to a SAML message (picketlink)

We then created a custom login module and deployed it on the PicketLink IDP server.
In the login module, we add a custom attribute to the session object, and then in the AttributeManager we read that attribute from the session, and add it as an attribute to the SAML message.

If a user logs in a second time (on another machine) we don't get this attribute delivered.

Environment

Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content