[ https://issues.apache.org/jira/browse/CLOUDSTACK-8457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14624541#comment-14624541 ]
ASF subversion and git services commented on CLOUDSTACK-8457: ------------------------------------------------------------- Commit 95f3df1f60e488a7376872afac3dfaf53bd5ef29 in cloudstack's branch refs/heads/saml-adduserfix from [~rohit.ya...@shapeblue.com] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=95f3df1 ] CLOUDSTACK-8457: Append IDP domain if append domain setting is enabled Appends a domain to user/account name if global setting is enabled, useful in case of multiple IDP server. By default the setting is set to false (keep as it is). Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com> > Make SAML plugin production grade > --------------------------------- > > Key: CLOUDSTACK-8457 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8457 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) > Components: SAML > Reporter: Rohit Yadav > Assignee: Rohit Yadav > Fix For: Future, 4.6.0, 4.5.2 > > > The current SAML plugin is not well tested with major IdPs used in production > such as Shibboleth. It is also limited to using HTTP-redirect only and does > not support HTTP-Post and other artifacts. Further, the security concerns are > not well addressed, for example both authorization, creation of > users/accounts (on first login) and authentication is done by the plugin > which needs to be tested wrt security, addressed and improved. -- This message was sent by Atlassian JIRA (v6.3.4#6332)