Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 927254 Details for
Bug 1130604
mod_auth_mellon should send AssertionConsumerServiceURLs in AuthNs for compatibility with JBoss PicketLink-based IdPs
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Engineering patch
0001-Add-support-for-AssertionConsumerServiceURL.patch (text/plain), 1.86 KB, created by
Simo Sorce
on 2014-08-15 19:56:53 UTC
(
hide
)
Description:
Engineering patch
Filename:
MIME Type:
Creator:
Simo Sorce
Created:
2014-08-15 19:56:53 UTC
Size:
1.86 KB
patch
obsolete
>From ffaa2098518c7dec427b51acf06e23c5053c119a Mon Sep 17 00:00:00 2001 >From: Simo Sorce <simo@redhat.com> >Date: Fri, 15 Aug 2014 14:39:58 -0400 >Subject: [PATCH] Add support for AssertionConsumerServiceURL > >Apperently some IdPs like PicketLink insist they reaaaally want to see >AssertionConsumerServiceURL as part of the Authentication Request. > >Provide it if allowed by the SP metadata. > >Signed-off-by: Simo Sorce <simo@redhat.com> >--- > auth_mellon_handler.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > >diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c >index 2a0bd741277fb0a986acbf3a72d4c37e01d6827e..242530fbe8e35291d7dc9b388b867ed25dd60d05 100644 >--- a/auth_mellon_handler.c >+++ b/auth_mellon_handler.c >@@ -2642,6 +2642,7 @@ static int am_send_authn_request(request_rec *r, const char *idp, > char *sso_url; > gint ret; > am_dir_cfg_rec *dir_cfg; >+ char *acs_url; > > dir_cfg = am_get_dir_cfg(r); > >@@ -2757,6 +2758,19 @@ static int am_send_authn_request(request_rec *r, const char *idp, > /* sso_url no longer needed. */ > g_free(sso_url); > >+ /* Some IdPs insist they want to see an AttributeConsumerServiceURL >+ * attribute in the authentication request, so try to add one if the >+ * metadata contains one */ >+ acs_url = lasso_provider_get_assertion_consumer_service_url( >+ LASSO_PROVIDER(server), NULL); >+ if (acs_url) { >+ request->AssertionConsumerServiceURL = g_strdup(acs_url); >+ /* Can't set request->ProtocolBinding (which is usually set along side >+ * AssertionConsumerServiceURL) as there is no immediate function >+ * like lasso_provider_get_assertion_consumer_service_url to get them. >+ * So leave that empty for now, it is not strictly required */ >+ } >+ > LASSO_PROFILE(login)->msg_relayState = g_strdup(return_to); > > ret = lasso_login_build_authn_request_msg(login); >-- >1.9.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=927254">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
batkisso
: review+
Actions:
View
|
Diff
Attachments on
bug 1130604
:
927178
| 927254