cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rohit Yadav (JIRA)" <>
Subject [jira] [Created] (CLOUDSTACK-8457) Make SAML plugin production grade
Date Tue, 12 May 2015 14:59:00 GMT
Rohit Yadav created CLOUDSTACK-8457:

             Summary: Make SAML plugin production grade
                 Key: CLOUDSTACK-8457
             Project: CloudStack
          Issue Type: Improvement
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: SAML
            Reporter: Rohit Yadav
            Assignee: Rohit Yadav
             Fix For: Future, 4.6.0, 4.5.2

The current SAML plugin is not well tested with major IdPs used in production such as Shibboleth.
It is also limited to using HTTP-redirect only and does not support HTTP-Post and other artifacts.
Further, the security concerns are not well addressed, for example both authorization, creation
of users/accounts (on first login) and authentication is done by the plugin which needs to
be tested wrt security, addressed and improved.

This message was sent by Atlassian JIRA

View raw message