#189 Ipsilon requires a NameIDPolicy in the SAML Login request
Closed: Fixed None Opened 3 years ago by rcritten.

Ipsilon requires a NameIDPolicy in the SAML Login request but it is optional per the SAML 2.0 spec in section 3.4.1.1.

This is causing a login from salesforce.com to fail because it doesn't provide a Subject at all (which is also optional).


Ok, so this is two bugs in: ipsilon/providers/saml2/provider.py

The first bug is that the debug statement comes before the None check.

The second is that 'if nip.format is None:' should be 'if nip is None or nip.format is None':

And the debugging moved into the conditional.

Fields changed

owner: => rcritten
status: new => accepted

master: 992492e

resolution: => fixed
status: accepted => closed

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: 1.2

2 years ago

Login to comment on this ticket.

Metadata