cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-8457) Make SAML plugin production grade
Date Wed, 15 Jul 2015 13:07:04 GMT


ASF subversion and git services commented on CLOUDSTACK-8457:

Commit 47d2d07eb95a21f2de301461bbf566b489b5650c in cloudstack's branch refs/heads/master from
[;h=47d2d07 ]

CLOUDSTACK-8457: SAML UI Dialog fixes to use local $form

This uses local selector to access the DOM elements, the previous commit
would find a global element which is not in the context and fail changing the
element in the opened dialog.

Signed-off-by: Rohit Yadav <>

This closes #583

> Make SAML plugin production grade
> ---------------------------------
>                 Key: CLOUDSTACK-8457
>                 URL:
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: SAML
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: Future, 4.6.0, 4.5.2
> The current SAML plugin is not well tested with major IdPs used in production such as
Shibboleth. It is also limited to using HTTP-redirect only and does not support HTTP-Post
and other artifacts. Further, the security concerns are not well addressed, for example both
authorization, creation of users/accounts (on first login) and authentication is done by the
plugin which needs to be tested wrt security, addressed and improved.

This message was sent by Atlassian JIRA

View raw message