wornet-mwo commented on issue #4519:
URL: https://github.com/apache/cloudstack/issues/4519#issuecomment-2260154287
As the documentation does not state the exact verification of signatures:
The linked and integrated PR expects the whole SAMLResponse to be signed, not
only the assertion. As f
NuxRo commented on issue #4519:
URL: https://github.com/apache/cloudstack/issues/4519#issuecomment-2226463343
@ngrosc - regarding this issue, please ping me: n...@apache.org, need some
info from you.
--
This is an automated message from the Apache Git Service.
To respond to the message, p
rohityadavcloud commented on issue #4519:
URL: https://github.com/apache/cloudstack/issues/4519#issuecomment-2164504118
Fixed by https://github.com/apache/cloudstack/pull/9219
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub an
rohityadavcloud closed issue #4519: SAML signature is optional
URL: https://github.com/apache/cloudstack/issues/4519
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscr
rohityadavcloud commented on issue #4519:
URL: https://github.com/apache/cloudstack/issues/4519#issuecomment-2160475777
I tend to agree with @mlsorensen 's remarks, if the IDP
configuration/metadata has the signing key then the signature check would be
performed. I'm less worried about the
