Issue #189: Ipsilon requires a NameIDPolicy in the SAML Login request - ipsilon

ipsilon

#189 Ipsilon requires a NameIDPolicy in the SAML Login request

Closed: Fixed None Opened 8 years ago by rcritten.

Ipsilon requires a NameIDPolicy in the SAML Login request but it is optional per the SAML 2.0 spec in section 3.4.1.1.

This is causing a login from salesforce.com to fail because it doesn't provide a Subject at all (which is also optional).

rcritten commented 8 years ago

Ok, so this is two bugs in: ipsilon/providers/saml2/provider.py

The first bug is that the debug statement comes before the None check.

The second is that 'if nip.format is None:' should be 'if nip is None or nip.format is None':

And the debugging moved into the conditional.

rcritten commented 8 years ago

Fields changed

owner: => rcritten
status: new => accepted

rcritten commented 8 years ago

https://pagure.io/ipsilon/pull-request/44

patch_available: 0 => 1

rcritten commented 8 years ago

master: 992492e

resolution: => fixed
status: accepted => closed

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: 1.2

7 years ago

Metadata

Assignee

rcritten

Tags

None

Blocking

None

Depending on

None

Priority

Major

Milestone

1.2

rhbz

None

design_link

None

type

defect

component

Interoperability

version

None

sensitive

patch_available

ipsilon

Source Code

#189 Ipsilon requires a NameIDPolicy in the SAML Login request Closed: Fixed None Opened 8 years ago by rcritten.

Metadata

#189 Ipsilon requires a NameIDPolicy in the SAML Login request

Closed: Fixed None Opened 8 years ago by rcritten.