| Summary: | SAML2Auth date checks fail when datetime has a zero in them | ||
|---|---|---|---|
| Product: | [Community] Bugzilla | Reporter: | Jeff Fearn 🐞 <jfearn> |
| Component: | Bugzilla General | Assignee: | Jeff Fearn 🐞 <jfearn> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | tools-bugs <tools-bugs> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.0 | CC: | huiwang, jfearn, mtahir, qgong |
| Target Milestone: | 5.0 | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | 5.0.3-rh8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-10-12 10:59:49 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Jeff Fearn 🐞
2016-09-14 05:24:51 UTC
@Jeff, could you give more detail steps to verify this bug If i run below in qe server, I'm afraid I can't recover back the data of metadata. update saml2auth_idp set metadata = '' where name like 'Fedora%'; (In reply to Rony Gong from comment #1) > @Jeff, could you give more detail steps to verify this bug > > If i run below in qe server, I'm afraid I can't recover back the data of > metadata. > update saml2auth_idp set metadata = '' where name like 'Fedora%'; Fedora is set-up properly so if you just try and login using FAS it will pull the metadata in. After execute: update saml2auth_idp set metadata = '' where name like 'Fedora%'; The try to login by Fedora Account System, click the link 'Fedora Account System', page show error: Parsing of the IDP's metadata failed: Crypt::OpenSSL::X509: failed to read X509 certificate. at /usr/share/perl5/vendor_perl/Net/SAML2/IdP.pm line 168. . Hi Rony, it looks like the metadat athe server is sending is bogus, I had to d/l the metadata, remove the incorrect data, and manually import the metadata. It seems to work fine for loggin in after that. So this isn't a problem with our code AFAICT. Tested on QA environment(5.0.3-rh8) Result: Pass |