Branch: refs/heads/master
Home: https://github.com/jenkinsci/saml-plugin
Commit: 717fd8cb75b5f8ab65a48fcafded25c1f802f7ac
https://github.com/jenkinsci/saml-plugin/commit/717fd8cb75b5f8ab65a48fcafded25c1f802f7ac
Author: Michael Donohue <michael.dono...@gmail.com>
Date: 2015-10-14 (Wed, 14 Oct 2015)
Changed paths:
A src/main/java/org/jenkinsci/plugins/saml/SamlCrumbExclusion.java
M src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java
Log Message:
-----------
add a crumb exclusion extension for the finishLogin endpoint
Enabling CSRF breaks the SAML login endpoint, since the SAML provider
doesn't produce the right crumb. Since we are validating a login here
there shouldn't be CSRF concerns.
Commit: 462afce1f687b3404ff870db01b76fa85bfb562f
https://github.com/jenkinsci/saml-plugin/commit/462afce1f687b3404ff870db01b76fa85bfb562f
Author: Michael Donohue <michael.dono...@gmail.com>
Date: 2016-01-22 (Fri, 22 Jan 2016)
Changed paths:
M src/main/java/org/jenkinsci/plugins/saml/SamlCrumbExclusion.java
Log Message:
-----------
move 'doFilter' call to the 'true' case
This allows the login sequence to complete properly
Commit: 898fbb509ca8622359ae7f39aa5ef767bb7c0e75
https://github.com/jenkinsci/saml-plugin/commit/898fbb509ca8622359ae7f39aa5ef767bb7c0e75
Author: Michael Donohue <mdono...@structureus.com>
Date: 2016-02-06 (Sat, 06 Feb 2016)
Changed paths:
A src/main/java/org/jenkinsci/plugins/saml/SamlCrumbExclusion.java
M src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java
Log Message:
-----------
Merge pull request #5 from mdonohue/master
add CSRF exclusion for the finishLogin url
Compare:
https://github.com/jenkinsci/saml-plugin/compare/4830247de44d...898fbb509ca8
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
