[jira] [Commented] (CLOUDSTACK-8034) SAML Unique ID is restricted to 40 chars only
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14273301#comment-14273301 ] ASF subversion and git services commented on CLOUDSTACK-8034: - Commit 0b94f254e86e241ab77ddbf0531d43510deadb95 in cloudstack's branch refs/heads/master from [~rohit.ya...@shapeblue.com] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=0b94f25 ] CLOUDSTACK-8034: Hash user IDs for SAML authentication The User table's UUID column is restricted to 40 chars only, since we don't know how long the nameID/userID of a SAML authenticated user will be - the fix hashes that user ID and takes a substring of length 40 chars. For hashing, SHA256 is used which returns a 64 char length string. - Fix tests, add test cases - Improve checkSAMLUser method - Use SHA256 one way hashing to create unique UUID for SAML users Signed-off-by: Rohit Yadav (cherry picked from commit b2b496288d164fead2c089fb48319e1988b03ce8) Signed-off-by: Rohit Yadav > SAML Unique ID is restricted to 40 chars only > - > > Key: CLOUDSTACK-8034 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8034 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rohit Yadav >Assignee: Rohit Yadav > Fix For: 4.5.0, 4.6.0 > > > Fix for cases where SAML unique IDs returned by IDP is more than 40 chars, > what should be the ideal fix like? -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CLOUDSTACK-8034) SAML Unique ID is restricted to 40 chars only
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14273300#comment-14273300 ] ASF subversion and git services commented on CLOUDSTACK-8034: - Commit b2b496288d164fead2c089fb48319e1988b03ce8 in cloudstack's branch refs/heads/4.5 from [~rohit.ya...@shapeblue.com] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=b2b4962 ] CLOUDSTACK-8034: Hash user IDs for SAML authentication The User table's UUID column is restricted to 40 chars only, since we don't know how long the nameID/userID of a SAML authenticated user will be - the fix hashes that user ID and takes a substring of length 40 chars. For hashing, SHA256 is used which returns a 64 char length string. - Fix tests, add test cases - Improve checkSAMLUser method - Use SHA256 one way hashing to create unique UUID for SAML users Signed-off-by: Rohit Yadav > SAML Unique ID is restricted to 40 chars only > - > > Key: CLOUDSTACK-8034 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8034 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rohit Yadav >Assignee: Rohit Yadav > Fix For: 4.5.0, 4.6.0 > > > Fix for cases where SAML unique IDs returned by IDP is more than 40 chars, > what should be the ideal fix like? -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CLOUDSTACK-8034) SAML Unique ID is restricted to 40 chars only
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14236136#comment-14236136 ] Rohit Yadav commented on CLOUDSTACK-8034: - Commits that restricts this -> https://github.com/apache/cloudstack/commit/77169893441464023422bf1c5786591a46bf1a03 > SAML Unique ID is restricted to 40 chars only > - > > Key: CLOUDSTACK-8034 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8034 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rohit Yadav >Assignee: Rohit Yadav > Fix For: 4.5.0, 4.6.0 > > > Fix for cases where SAML unique IDs returned by IDP is more than 40 chars, > what should be the ideal fix like? -- This message was sent by Atlassian JIRA (v6.3.4#6332)
