ipsilon

Clone
Source Code
GIT

67d0db7 Handle unknown SAML2 SP's when logging out

2 files Authored by rcritten 8 years ago, Committed by puiterwijk 8 years ago,
raw patch tree parent
2 files changed. 31 lines added. 7 lines removed.
ipsilon/providers/saml2/logout.py
file modified
+23 -6
ipsilon/providers/saml2idp.py
file modified
+8 -1 
    Handle unknown SAML2 SP's when logging out
    
    In the case where a logout is in progress and an unknown
    SP is in the session list it is marked as logged out and
    logout continues (with logging). This is expected to be
    a fairly rare occurance as it involves adding an SP,
    having users log into it, then removing it and restarting
    Apache.
    
    In the case where a logout request or response is received
    from an unknown SP a 400 is raised. We might be able to
    find a user session but because we can't authenticate the
    SP there is no way to know if this is a request from that
    user or some sort of DoS attack so an error is raised.
    
    https://fedorahosted.org/ipsilon/ticket/187
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
file modified
+23 -6
file modified
+8 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.