[jira] [Commented] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994340#comment-16994340
]
ASF subversion and git services commented on SYNCOPE-1525:
--
Commit 1871257 from ilgro...@apache.org
[ https://svn.apache.org/r1871257 ]
[SYNCOPE-1525] Fixing public / private wording as suggested
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Resolved] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò resolved SYNCOPE-1525.
-
Resolution: Fixed
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994332#comment-16994332 ] ASF subversion and git services commented on SYNCOPE-1526: -- Commit 1871251 from ilgro...@apache.org [ https://svn.apache.org/r1871251 ] [SYNCOPE-1526] Fix issue tracking link in docs > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Resolved] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò resolved SYNCOPE-1526. - Resolution: Fixed > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Broken: apache/syncope#5752 (master - 2e84001)
Build Update for apache/syncope - Build: #5752 Status: Broken Duration: 3 mins and 58 secs Commit: 2e84001 (master) Author: Francesco Chicchiriccò Message: [SYNCOPE-1526] Fix issue tracking link in docs View the changeset: https://github.com/apache/syncope/compare/7d15b4c268b0...2e8400196dac View the full build log and details: https://travis-ci.org/apache/syncope/builds/624023976?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the apache/syncope repository going to https://travis-ci.org/account/preferences/unsubscribe?repository=3236582&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.org/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications.
[jira] [Commented] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994319#comment-16994319
]
ASF subversion and git services commented on SYNCOPE-1525:
--
Commit 3869e117bd9c47290e668d939d3d47d4e591e22c in syncope's branch
refs/heads/2_0_X from Francesco Chicchiriccò
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=3869e11 ]
[SYNCOPE-1525] Fixing public / private wording as suggested
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994318#comment-16994318 ] ASF subversion and git services commented on SYNCOPE-1526: -- Commit 26e7297d9c368e1f7519614905d9872a792e25b3 in syncope's branch refs/heads/2_1_X from Francesco Chicchiriccò [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=26e7297 ] [SYNCOPE-1526] Fix issue tracking link in docs > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994315#comment-16994315
]
ASF subversion and git services commented on SYNCOPE-1525:
--
Commit 1f71884ab5ad77ce7890169f36692928f9a16d14 in syncope's branch
refs/heads/master from Francesco Chicchiriccò
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=1f71884 ]
[SYNCOPE-1525] Fixing public / private wording as suggested
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994317#comment-16994317
]
ASF subversion and git services commented on SYNCOPE-1525:
--
Commit adf5efbbb9765a5c967a33d135b454e84210d096 in syncope's branch
refs/heads/2_1_X from Francesco Chicchiriccò
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=adf5efb ]
[SYNCOPE-1525] Fixing public / private wording as suggested
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994316#comment-16994316 ] ASF subversion and git services commented on SYNCOPE-1526: -- Commit 2e8400196dacdaae08f123d3a8a190d69191cdf9 in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=2e84001 ] [SYNCOPE-1526] Fix issue tracking link in docs > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16994320#comment-16994320 ] ASF subversion and git services commented on SYNCOPE-1526: -- Commit 08e02e3bb6ad30e628a71cd2a2008bb7ae60538e in syncope's branch refs/heads/2_0_X from Francesco Chicchiriccò [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=08e02e3 ] [SYNCOPE-1526] Fix issue tracking link in docs > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò updated SYNCOPE-1525:
Fix Version/s: 3.0.0
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6, 3.0.0
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Assigned] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò reassigned SYNCOPE-1526: --- Assignee: Francesco Chicchiriccò > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò updated SYNCOPE-1526: Affects Version/s: 2.0.14 > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.0.14, 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SYNCOPE-1526) Broken link to issues from reference documentation
[ https://issues.apache.org/jira/browse/SYNCOPE-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Francesco Chicchiriccò updated SYNCOPE-1526: Fix Version/s: 3.0.0 2.1.6 2.0.15 > Broken link to issues from reference documentation > -- > > Key: SYNCOPE-1526 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 > Project: Syncope > Issue Type: Bug > Components: documentation >Affects Versions: 2.1.5 >Reporter: Michael Power >Assignee: Francesco Chicchiriccò >Priority: Major > Fix For: 2.0.15, 2.1.6, 3.0.0 > > > In reviewing the reference documentation (found at > [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, > and went to file a bug by clicking the "[submit an > issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top > of the documentation. This link is to the following url: > [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 > instead the following url works: > [https://syncope.apache.org/issue-management] or > https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò updated SYNCOPE-1525:
Affects Version/s: 2.0.14
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò updated SYNCOPE-1525:
Fix Version/s: 2.1.6
2.0.15
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.0.14, 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
> Fix For: 2.0.15, 2.1.6
>
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Assigned] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
[
https://issues.apache.org/jira/browse/SYNCOPE-1525?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò reassigned SYNCOPE-1525:
---
Assignee: Francesco Chicchiriccò
> Documentation indicates sharing private key, hiding public key
> --
>
> Key: SYNCOPE-1525
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
> Project: Syncope
> Issue Type: Bug
> Components: documentation
>Affects Versions: 2.1.5
>Reporter: Michael Power
>Assignee: Francesco Chicchiriccò
>Priority: Major
>
> The reference guide (found at
> [https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
> asymmetric key signing, but when talking about the keys, it mentions that the
> private key should be shared and the public key should remain secret. This
> is the opposite of what is generally practiced. I am assuming that this is a
> typo and that public and private should be switched.
>
> Here is the wording:
> {quote}This configuration requires to specify a key pair: the former key
> value, said _private_, must be shared with clients, while the latter key
> value, said _public_, must be kept secret for internal Core usage.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Created] (SYNCOPE-1526) Broken link to issues from reference documentation
Michael Power created SYNCOPE-1526: -- Summary: Broken link to issues from reference documentation Key: SYNCOPE-1526 URL: https://issues.apache.org/jira/browse/SYNCOPE-1526 Project: Syncope Issue Type: Bug Components: documentation Affects Versions: 2.1.5 Reporter: Michael Power In reviewing the reference documentation (found at [https://syncope.apache.org/docs/2.1/reference-guide.html]) I found an error, and went to file a bug by clicking the "[submit an issue|http://syncope.apache.org/issue-tracking.html]"; link found at the top of the documentation. This link is to the following url: [http://syncope.apache.org/issue-tracking.html]. That URL returns a 404 instead the following url works: [https://syncope.apache.org/issue-management] or https://issues.apache.org/jira/browse/SYNCOPE. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (SYNCOPE-1525) Documentation indicates sharing private key, hiding public key
Michael Power created SYNCOPE-1525:
--
Summary: Documentation indicates sharing private key, hiding
public key
Key: SYNCOPE-1525
URL: https://issues.apache.org/jira/browse/SYNCOPE-1525
Project: Syncope
Issue Type: Bug
Components: documentation
Affects Versions: 2.1.5
Reporter: Michael Power
The reference guide (found at
[https://syncope.apache.org/docs/2.1/reference-guide.html]) references JWT
asymmetric key signing, but when talking about the keys, it mentions that the
private key should be shared and the public key should remain secret. This is
the opposite of what is generally practiced. I am assuming that this is a typo
and that public and private should be switched.
Here is the wording:
{quote}This configuration requires to specify a key pair: the former key value,
said _private_, must be shared with clients, while the latter key value, said
_public_, must be kept secret for internal Core usage.
{quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Created] (SYNCOPE-1524) Social registration does not redirect to self registration page
Andrea Patricelli created SYNCOPE-1524: -- Summary: Social registration does not redirect to self registration page Key: SYNCOPE-1524 URL: https://issues.apache.org/jira/browse/SYNCOPE-1524 Project: Syncope Issue Type: Bug Components: enduser Affects Versions: 2.1.5, 2.0.14 Reporter: Andrea Patricelli Fix For: 2.0.15, 2.1.6 # Enable OIDC or SAML IdP extension # Configure a SAML or OIDC identity provider, flag the option for self registration on missing user, i.e. "SAML-initiated self-registration" # Login with the preferred provider on Enduser You should be redirected to self registration page and see some pre-populated fields (according to the mapping of the IdP provider on Syncope). But no redirection is made, enduser stucks on login form. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Automating Syncope's dependency updates
Hi Misagh, I find your proposal very interesting, so for me +1. Just want to underline that /Renovate/ has recently joined /WhiteSource/ and this is a plus IMHO because /WhiteSource/ is known to deal with the open source security world and the takeover let them provide their offerings for free (a good news for us too :)). Moreover, I remember I heard about /Renovate/ in the front-end world context, it was mentioned to be very useful for all the projects using NPM packages. Regards, Matteo [1] https://renovate.whitesourcesoftware.com/blog/renovate-is-now-part-of-whitesource/ On 11/12/19 15:00, Misagh Moayyed wrote: Hey Team, I suspect most know about this sort of thing, but I thought to share this with you: https://github.com/renovatebot/renovate I think this is a useful tool to allow a Github project such as Syncope to automatically receive dependency updates and become self sufficient. It will attempt to parse the project's dependencies/pom and will then begin to issue pull requests with relevant updates. Its schedule, update policy and inclusion/exclusion rules can all be controlled via a .renovate JSON file. It can run in two ways: 1- As a GitHub app, which would be installed for the Apache org on Github and enabled for select repositories, such as Syncope. This option requires coordination/permission from Apache infra, and updates are then automatic. 2- As a CLI tool, where a committer's personal access token is passed as a command-line argument, and the tool can run as part of CI. This option probably does not require anything from Apache infra [?], and updates can be cancelled as part of the CI job that runs the tool. I am not sure what the CLA policy would be for bots; the second option probably [?] covers this, as PRs are issued on behalf of the committer whose AT is used. Either way, it seems like we need clarification from Apache infra. This is an example of a pull request by the bot: https://github.com/Jasig/uPortal/pull/1849 This is an example of the bot's JSON configuration file: https://github.com/Jasig/uPortal/blob/master/renovate.json How do you feel about this? Is this a good option to pursue and follow up? The bot also has the ability to rebase PRs, and can also take over the merging process automatically if CI passes or other rules allow. (At some point in the future, I think it will also gain the ability to travel back in time and kill Sarah Connor [1], but that has yet to be fully verified.) --Misagh [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator)
[jira] [Commented] (SYNCOPE-957) Multiaccount
[ https://issues.apache.org/jira/browse/SYNCOPE-957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993609#comment-16993609 ] ASF subversion and git services commented on SYNCOPE-957: - Commit 7d56a8171455c8c70a334a15e214f313cfed3c7a in syncope's branch refs/heads/2_1_X from Matteo Alessandroni [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=7d56a81 ] [SYNCOPE-957] Removed unused constant > Multiaccount > > > Key: SYNCOPE-957 > URL: https://issues.apache.org/jira/browse/SYNCOPE-957 > Project: Syncope > Issue Type: New Feature >Reporter: Francesco Chicchiriccò >Assignee: Matteo Alessandroni >Priority: Major > Fix For: 2.1.6, 3.0.0 > > > Users, as groups and any objects, can be mapped to external resources and > pull, push or propagation might result in associating them to accounts there. > So far, there have always been a 1-to-1 correspondence between Syncope users > and external accounts, given a certain mapping for an external resource. > There are use cases, however, when this could be limiting: in particular, the > existence of "service accounts" which can be defined on LDAP or Active > Directory. In such cases, there could be more accounts mapping to a Syncope > user. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SYNCOPE-957) Multiaccount
[ https://issues.apache.org/jira/browse/SYNCOPE-957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993606#comment-16993606 ] ASF subversion and git services commented on SYNCOPE-957: - Commit 9e36bcc1b6239ae3e073227a5ea1da1de9d7014a in syncope's branch refs/heads/2_1_X from Matteo Alessandroni [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=9e36bcc ] [SYNCOPE-957] Fixed missing Pull report for linked accounts > Multiaccount > > > Key: SYNCOPE-957 > URL: https://issues.apache.org/jira/browse/SYNCOPE-957 > Project: Syncope > Issue Type: New Feature >Reporter: Francesco Chicchiriccò >Assignee: Matteo Alessandroni >Priority: Major > Fix For: 2.1.6, 3.0.0 > > > Users, as groups and any objects, can be mapped to external resources and > pull, push or propagation might result in associating them to accounts there. > So far, there have always been a 1-to-1 correspondence between Syncope users > and external accounts, given a certain mapping for an external resource. > There are use cases, however, when this could be limiting: in particular, the > existence of "service accounts" which can be defined on LDAP or Active > Directory. In such cases, there could be more accounts mapping to a Syncope > user. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Re: Automating Syncope's dependency updates
Il 11/12/19 15:00, Misagh Moayyed ha scritto: Hey Team, I suspect most know about this sort of thing, but I thought to share this with you: https://github.com/renovatebot/renovate Wow, it is really widely used. Sounds really interesting to have it on Syncope. +1 for me I think this is a useful tool to allow a Github project such as Syncope to automatically receive dependency updates and become self sufficient. It will attempt to parse the project's dependencies/pom and will then begin to issue pull requests with relevant updates. Its schedule, update policy and inclusion/exclusion rules can all be controlled via a .renovate JSON file. It can run in two ways: 1- As a GitHub app, which would be installed for the Apache org on Github and enabled for select repositories, such as Syncope. This option requires coordination/permission from Apache infra, and updates are then automatic. 2- As a CLI tool, where a committer's personal access token is passed as a command-line argument, and the tool can run as part of CI. This option probably does not require anything from Apache infra [?], and updates can be cancelled as part of the CI job that runs the tool. I am not sure what the CLA policy would be for bots; the second option probably [?] covers this, as PRs are issued on behalf of the committer whose AT is used. Either way, it seems like we need clarification from Apache infra. This is an example of a pull request by the bot: https://github.com/Jasig/uPortal/pull/1849 This is an example of the bot's JSON configuration file: https://github.com/Jasig/uPortal/blob/master/renovate.json How do you feel about this? Is this a good option to pursue and follow up? The bot also has the ability to rebase PRs, and can also take over the merging process automatically if CI passes or other rules allow. (At some point in the future, I think it will also gain the ability to travel back in time and kill Sarah Connor [1], but that has yet to be fully verified.) --Misagh [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator) -- Fabio Martelli https://it.linkedin.com/pub/fabio-martelli/1/974/a44 http://blog.tirasa.net/author/fabio/index.html Tirasa - Open Source Excellence http://www.tirasa.net/index.html?pk_campaign=email&pk_kwd=fm Apache Syncope PMC http://people.apache.org/~fmartelli/
Re: Automating Syncope's dependency updates
Hi Misagh, very interesting tool, +1 for me about setting it up on Syncope. The only thing that comes to my mind is that that we should setup, first, a set of "critical" dependencies to exclude (due to breaking changes or integration issues with other dependencies), I'm thinking about Spring and/or major releases, Wicket, Wicket-bootstrap, etc. Best regards, Andrea Il 11/12/19 15:00, Misagh Moayyed ha scritto: Hey Team, I suspect most know about this sort of thing, but I thought to share this with you: https://github.com/renovatebot/renovate I think this is a useful tool to allow a Github project such as Syncope to automatically receive dependency updates and become self sufficient. It will attempt to parse the project's dependencies/pom and will then begin to issue pull requests with relevant updates. Its schedule, update policy and inclusion/exclusion rules can all be controlled via a .renovate JSON file. It can run in two ways: 1- As a GitHub app, which would be installed for the Apache org on Github and enabled for select repositories, such as Syncope. This option requires coordination/permission from Apache infra, and updates are then automatic. 2- As a CLI tool, where a committer's personal access token is passed as a command-line argument, and the tool can run as part of CI. This option probably does not require anything from Apache infra [?], and updates can be cancelled as part of the CI job that runs the tool. I am not sure what the CLA policy would be for bots; the second option probably [?] covers this, as PRs are issued on behalf of the committer whose AT is used. Either way, it seems like we need clarification from Apache infra. This is an example of a pull request by the bot: https://github.com/Jasig/uPortal/pull/1849 This is an example of the bot's JSON configuration file: https://github.com/Jasig/uPortal/blob/master/renovate.json How do you feel about this? Is this a good option to pursue and follow up? The bot also has the ability to rebase PRs, and can also take over the merging process automatically if CI passes or other rules allow. (At some point in the future, I think it will also gain the ability to travel back in time and kill Sarah Connor [1], but that has yet to be fully verified.) --Misagh [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator) -- Dott. Andrea Patricelli Tel. +39 3204524292 Engineer @ Tirasa S.r.l. Viale Vittoria Colonna 97 - 65127 Pescara Tel +39 0859116307 / FAX +39 085973 http://www.tirasa.net Apache Syncope PMC Member
Re: Automating Syncope's dependency updates
Hi Misagh, renovatebot looks interesting and worth at least to explore the possibility to add it at project's (rather than committer's level). +1 to go ahead and ask Infra team about it. Regards. On 11/12/19 15:00, Misagh Moayyed wrote: > Hey Team, > > I suspect most know about this sort of thing, but I thought to share this > with you: > https://github.com/renovatebot/renovate > > I think this is a useful tool to allow a Github project such as Syncope to > automatically receive dependency updates and become self sufficient. It will > attempt to parse the project's dependencies/pom and will then begin to issue > pull requests with relevant updates. Its schedule, update policy and > inclusion/exclusion rules can all be controlled via a .renovate JSON file. > > It can run in two ways: > > 1- As a GitHub app, which would be installed for the Apache org on Github and > enabled for select repositories, such as Syncope. This option requires > coordination/permission from Apache infra, and updates are then automatic. > > 2- As a CLI tool, where a committer's personal access token is passed as a > command-line argument, and the tool can run as part of CI. This option > probably does not require anything from Apache infra [?], and updates can be > cancelled as part of the CI job that runs the tool. > > I am not sure what the CLA policy would be for bots; the second option > probably [?] covers this, as PRs are issued on behalf of the committer whose > AT is used. Either way, it seems like we need clarification from Apache infra. > > This is an example of a pull request by the bot: > https://github.com/Jasig/uPortal/pull/1849 > > This is an example of the bot's JSON configuration file: > https://github.com/Jasig/uPortal/blob/master/renovate.json > > How do you feel about this? Is this a good option to pursue and follow up? > > The bot also has the ability to rebase PRs, and can also take over the > merging process automatically if CI passes or other rules allow. (At some > point in the future, I think it will also gain the ability to travel back in > time and kill Sarah Connor [1], but that has yet to be fully verified.) > > --Misagh > > [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator) -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
Automating Syncope's dependency updates
Hey Team, I suspect most know about this sort of thing, but I thought to share this with you: https://github.com/renovatebot/renovate I think this is a useful tool to allow a Github project such as Syncope to automatically receive dependency updates and become self sufficient. It will attempt to parse the project's dependencies/pom and will then begin to issue pull requests with relevant updates. Its schedule, update policy and inclusion/exclusion rules can all be controlled via a .renovate JSON file. It can run in two ways: 1- As a GitHub app, which would be installed for the Apache org on Github and enabled for select repositories, such as Syncope. This option requires coordination/permission from Apache infra, and updates are then automatic. 2- As a CLI tool, where a committer's personal access token is passed as a command-line argument, and the tool can run as part of CI. This option probably does not require anything from Apache infra [?], and updates can be cancelled as part of the CI job that runs the tool. I am not sure what the CLA policy would be for bots; the second option probably [?] covers this, as PRs are issued on behalf of the committer whose AT is used. Either way, it seems like we need clarification from Apache infra. This is an example of a pull request by the bot: https://github.com/Jasig/uPortal/pull/1849 This is an example of the bot's JSON configuration file: https://github.com/Jasig/uPortal/blob/master/renovate.json How do you feel about this? Is this a good option to pursue and follow up? The bot also has the ability to rebase PRs, and can also take over the merging process automatically if CI passes or other rules allow. (At some point in the future, I think it will also gain the ability to travel back in time and kill Sarah Connor [1], but that has yet to be fully verified.) --Misagh [1] https://www.wikiwand.com/en/Sarah_Connor_(Terminator)
[jira] [Commented] (SYNCOPE-1511) Configure audit events create/update/etc of users, groups, etc
[ https://issues.apache.org/jira/browse/SYNCOPE-1511?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993410#comment-16993410 ] ASF subversion and git services commented on SYNCOPE-1511: -- Commit 1a5b1d6c83c7a07e97548e43360984a8ea4b6072 in syncope's branch refs/heads/2_1_X from Francesco Chicchiriccò [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=1a5b1d6 ] [SYNCOPE-1511] White noise: rework to allow easier extensions > Configure audit events create/update/etc of users, groups, etc > -- > > Key: SYNCOPE-1511 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1511 > Project: Syncope > Issue Type: New Feature > Components: console, core >Affects Versions: 2.1.5 >Reporter: Misagh Moayyed >Assignee: Misagh Moayyed >Priority: Major > Fix For: 2.1.6, 3.0.0 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Extract and export audit events for user create / update / etc (and extend > support to groups and "any object"s), expose them via dedicated REST > interfaces/ops. Also, make sure data can be reviewed in the admin console via > a new history tool. > This feature shall be cherry-picked into master for 3.0, when ready. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SYNCOPE-1511) Configure audit events create/update/etc of users, groups, etc
[ https://issues.apache.org/jira/browse/SYNCOPE-1511?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993409#comment-16993409 ] ASF subversion and git services commented on SYNCOPE-1511: -- Commit 7d15b4c268b0950b49a55010cb5df6d3c5c0075d in syncope's branch refs/heads/master from Francesco Chicchiriccò [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=7d15b4c ] [SYNCOPE-1511] White noise: rework to allow easier extensions > Configure audit events create/update/etc of users, groups, etc > -- > > Key: SYNCOPE-1511 > URL: https://issues.apache.org/jira/browse/SYNCOPE-1511 > Project: Syncope > Issue Type: New Feature > Components: console, core >Affects Versions: 2.1.5 >Reporter: Misagh Moayyed >Assignee: Misagh Moayyed >Priority: Major > Fix For: 2.1.6, 3.0.0 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > Extract and export audit events for user create / update / etc (and extend > support to groups and "any object"s), expose them via dedicated REST > interfaces/ops. Also, make sure data can be reviewed in the admin console via > a new history tool. > This feature shall be cherry-picked into master for 3.0, when ready. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SYNCOPE-957) Multiaccount
[ https://issues.apache.org/jira/browse/SYNCOPE-957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16993360#comment-16993360 ] ASF subversion and git services commented on SYNCOPE-957: - Commit ed0555ad79574f23a447bb775bd430120d55437e in syncope's branch refs/heads/master from Matteo Alessandroni [ https://gitbox.apache.org/repos/asf?p=syncope.git;h=ed0555a ] [SYNCOPE-957] Added missing sections for reconciliation process > Multiaccount > > > Key: SYNCOPE-957 > URL: https://issues.apache.org/jira/browse/SYNCOPE-957 > Project: Syncope > Issue Type: New Feature >Reporter: Francesco Chicchiriccò >Assignee: Matteo Alessandroni >Priority: Major > Fix For: 2.1.6, 3.0.0 > > > Users, as groups and any objects, can be mapped to external resources and > pull, push or propagation might result in associating them to accounts there. > So far, there have always been a 1-to-1 correspondence between Syncope users > and external accounts, given a certain mapping for an external resource. > There are use cases, however, when this could be limiting: in particular, the > existence of "service accounts" which can be defined on LDAP or Active > Directory. In such cases, there could be more accounts mapping to a Syncope > user. -- This message was sent by Atlassian Jira (v8.3.4#803005)
