cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-8457) Make SAML plugin production grade
Date Thu, 09 Jul 2015 21:18:05 GMT


ASF GitHub Bot commented on CLOUDSTACK-8457:

GitHub user bhaisaab opened a pull request:

    CLOUDSTACK-8457: Add option to authorize SAML SSO for user when adding user

    With SAML enabled, add user view shows option to authorize SAML SSO for a user.

You can merge this pull request into a Git repository by running:

    $ git pull saml-adduserfix

Alternatively you can review and apply these changes as the patch at:

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #575
commit c1c67f313a2ba08022b647baa0ca65f134c062c1
Author: Rohit Yadav <>
Date:   2015-07-09T20:56:51Z

    CLOUDSTACK-8457: Add option to authorize SAML SSO for user when adding user
    Signed-off-by: Rohit Yadav <>


> Make SAML plugin production grade
> ---------------------------------
>                 Key: CLOUDSTACK-8457
>                 URL:
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: SAML
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: Future, 4.6.0, 4.5.2
> The current SAML plugin is not well tested with major IdPs used in production such as
Shibboleth. It is also limited to using HTTP-redirect only and does not support HTTP-Post
and other artifacts. Further, the security concerns are not well addressed, for example both
authorization, creation of users/accounts (on first login) and authentication is done by the
plugin which needs to be tested wrt security, addressed and improved.

This message was sent by Atlassian JIRA

View raw message