cxf-issues mailing list archives

From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FEDIZ-192) SAML customSTSParameter not propagated when using form-login
Date Tue, 28 Feb 2017 12:45:45 GMT

    [ https://issues.apache.org/jira/browse/FEDIZ-192?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15887925#comment-15887925
] 

ASF GitHub Bot commented on FEDIZ-192:
--------------------------------------

GitHub user gonzalad opened a pull request:

    https://github.com/apache/cxf-fediz/pull/12

    FEDIZ-192 - customSTSParameter propagation

    This fix enables propagating the customSTSParameter
    SAML parameter to the Validator class.
    
    The issue was caused by Spring Security, which redirects
    the user to a /login page (without the original parameters).
    
    To handle this case, we:
     * get the custom parameter from HTTP parameters
       (as previously).
     * if not found, we look it up in the Spring Security
       savedRequest (aka requestCache).

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/gonzalad/cxf-fediz FEDIZ-192

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf-fediz/pull/12.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #12
    
----
commit 8760ca7259035d3381451973a8796591aaafa0be
Author: gonzalad <adr_gonzalez@yahoo.fr>
Date:   2017-02-28T12:20:16Z

    FEDIZ-192 - customSTSParameter propagation
    
    This fix enables propagating the customSTSParameter
    SAML parameter to the Validator class.
    
    The issue was caused by Spring Security, which redirects
    the user to a /login page (without the original parameters).
    
    To handle this case, we:
     * get the custom parameter from HTTP parameters
       (as previously).
     * if not found, we look it up in the Spring Security
       savedRequest (aka requestCache).

----


> SAML customSTSParameter not propagated when using form-login
> ------------------------------------------------------------
>
>                 Key: FEDIZ-192
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-192
>             Project: CXF-Fediz
>          Issue Type: Bug
>    Affects Versions: 1.4.0
>            Reporter: gonzalad
>
> When I use customSTSParameter with a form-login, the customSTSParameter parameter isn't sent to my Validator class:
> this kind of code [CustomUTValidator|https://github.com/apache/cxf-fediz/blob/d18087dd4081d932d57c8677880059d1c3472690/systests/custom/src/test/java/custom/CustomUTValidator.java#L56] will return a null value.
> To reproduce this issue:
> * mvn clean install fediz.
> * edit cxf-fediz/systests/custom/target/tomcat/idp/webapps/fediz-idp/WEB-INF/config/security-up-config.xml.
>    ** add under security:http pattern="/federation/up/**" :
> {code}
> <security:custom-filter before="FORM_LOGIN_FILTER" ref="requestContextFilter"/>
> {code}
>    ** comment <security:http-basic />
>    ** uncomment 
> {code}
> <security:form-login login-page='/federation/up/login'
>     login-processing-url="/federation/up/login.do"
>     authentication-failure-url="/federation/up/login?error" 
>     default-target-url="/"
>     username-parameter="username" 
>     password-parameter="password"
>   />
> {code}
> * run CustomParametersTest#testCustomParameterViaRP() unit test.
>   Set the necessary ports (i.e. -Didp.https.port=20001 -Drp.https.port=20002)
> * Put a breakpoint to stop the test once the sample, IDP and STS servers are started.
> * Open a browser and go to https://localhost:20002/fedizhelloworld/secure/fedservlet
> * You're redirected to idp
> * Login with alice credentials
> You'll get a `Login Failed` (because the custom parameter hasn't been propagated: the realm variable is null in CustomUTValidator)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
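
The lookup order described in the pull request (current HTTP parameters first, then the Spring Security saved request), as an added sketch that is not the code from pull request #12 or from Fediz. The class name, method name, and length limit are hypothetical, and it assumes the javax.servlet API and Spring Security's default session-based request cache.

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

/** Hypothetical helper (not a Fediz class) resolving a custom parameter across a form-login redirect. */
public final class SavedRequestParameterResolver {

    // Assumed bound on the value length; pick one that fits the parameter's real format.
    private static final int MAX_LENGTH = 256;

    // Spring Security's default cache: keeps the pre-login request in the HTTP session.
    private final RequestCache requestCache = new HttpSessionRequestCache();

    /**
     * @param paramName the request parameter name configured as customSTSParameter
     * @return the parameter value, or null when no source carries exactly one usable value
     */
    public String resolve(HttpServletRequest request, HttpServletResponse response, String paramName) {
        // 1. Parameter on the current request (the behaviour before the fix).
        String[] values = request.getParameterValues(paramName);

        if (values == null || values.length == 0) {
            // 2. Fallback: the request saved before the redirect to the login page,
            //    which still holds the original query parameters.
            SavedRequest saved = requestCache.getRequest(request, response);
            if (saved != null) {
                values = saved.getParameterValues(paramName);
            }
        }

        // Reject missing or repeated values instead of picking one silently.
        if (values == null || values.length != 1) {
            return null;
        }

        // The saved request is a copy of client input, so the value is still untrusted:
        // bound it here and validate it against the expected set in the Validator.
        String value = values[0];
        if (value.isEmpty() || value.length() > MAX_LENGTH) {
            return null;
        }
        return value;
    }
}
```

Because the saved request lives in the session, the fallback only sees parameters from the request that triggered the login redirect in that same session.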
