Bug 1397650 - AuthnFailed replies are not handled properly
Summary: AuthnFailed replies are not handled properly
Keywords:
Status: NEW
Alias: None
Product: Bugzilla
Classification: Community
Component: Extensions
Version: 5.0
Hardware: Unspecified
OS: Unspecified
low
unspecified vote
Target Milestone: ---
Assignee: Bug Bot 🤖
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-11-23 04:44 UTC by Jeff Fearn 🐞
Modified: 2022-02-09 01:20 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jeff Fearn 🐞 2016-11-23 04:44:59 UTC 
Description of problem:
When you get an AuthnFailed reply from an IDP the message is not handled properly and the user is presented with an incorrect message.

Version-Release number of selected component (if applicable):
5.0

How reproducible:
On IDP AuthnFailed

Steps to Reproduce:
1. Try to login with an IDP that will reply AuthnFailed

Actual results:
 The IDP's reply failed validation: Crypt::OpenSSL::VerifyX509::verify: x509 is not of type Crypt::OpenSSL::X509 at /usr/share/perl5/vendor_perl/Net/SAML2/Binding/POST.pm line 67. 

Expected results:
Your authentication with the IDP has failed with status: urn:oasis:names:tc:SAML:2.0:status:AuthnFailed

Additional info:
Comment 1 Jeff Fearn 🐞 2016-11-28 01:05:58 UTC 
Need to check status in Login.pm and set failure = AUTH_LOGINFAILED
Comment 2 Jeff Fearn 🐞 2018-06-26 01:24:30 UTC 
This bug has missed the BZ5 feature freeze and has been bumped to 5.x.
Note You need to log in before you can comment on or make changes to this bug.