cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-8457) Make SAML plugin production grade
Date Tue, 14 Jul 2015 06:04:04 GMT


ASF subversion and git services commented on CLOUDSTACK-8457:

Commit 22f877ff15897acdb95c569726af573b28d88dc1 in cloudstack's branch refs/heads/saml-dialog-fix
from []
[;h=22f877f ]

CLOUDSTACK-8457: SAML UI Dialog fixes to use local $form

This uses local selector to access the DOM elements, the previous commit
would find a global element which is not in the context and fail changing the
element in the opened dialog.

Signed-off-by: Rohit Yadav <>

> Make SAML plugin production grade
> ---------------------------------
>                 Key: CLOUDSTACK-8457
>                 URL:
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: SAML
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: Future, 4.6.0, 4.5.2
> The current SAML plugin is not well tested with major IdPs used in production such as
Shibboleth. It is also limited to using HTTP-redirect only and does not support HTTP-Post
and other artifacts. Further, the security concerns are not well addressed, for example both
authorization, creation of users/accounts (on first login) and authentication is done by the
plugin which needs to be tested wrt security, addressed and improved.

This message was sent by Atlassian JIRA

View raw message