This is an automated email from the ASF dual-hosted git repository.
sureshanaparti pushed a commit to branch 4.19
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.19 by this push:
new 7977d1475e2 plugins: make default signature check mandatory (#9357)
7977d1475e2 is described below
commit 7977d1475e23c1a801d7d300810e0dd2d429158f
Author: Rohit Yadav <rohit.ya...@shapeblue.com>
AuthorDate: Tue Jul 9 09:49:27 2024 +0530
plugins: make default signature check mandatory (#9357)
This improves upon #9219, to make the signature checks mandatory by
default but allows for users to relax the setting if they really must.
Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com>
---
.../src/main/java/org/apache/cloudstack/saml/SAML2AuthManager.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git
a/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAML2AuthManager.java
b/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAML2AuthManager.java
index a5dae36581c..27f17cee6b1 100644
---
a/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAML2AuthManager.java
+++
b/plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAML2AuthManager.java
@@ -70,7 +70,7 @@ public interface SAML2AuthManager extends
PluggableAPIAuthenticator, PluggableSe
ConfigKey<Integer> SAMLTimeout = new ConfigKey<Integer>("Advanced",
Integer.class, "saml2.timeout", "1800",
"SAML2 IDP Metadata refresh interval in seconds, minimum value is
set to 300", true);
- ConfigKey<Boolean> SAMLCheckSignature = new ConfigKey<Boolean>("Advanced",
Boolean.class, "saml2.check.signature", "false",
+ ConfigKey<Boolean> SAMLCheckSignature = new ConfigKey<Boolean>("Advanced",
Boolean.class, "saml2.check.signature", "true",
"Whether SAML2 signature must be checked, when enforced and when
the SAML response does not have a signature would lead to login exception",
true);
public SAMLProviderMetadata getSPMetadata();
