Bug #3084

readMetadata.php does not load proper SAML1 IdP endpoints

Added by Olivier Salaun over 4 years ago. Updated over 4 years ago.

Status:ClosedStart date:2014-06-10
Priority:HighDue date:
Assignee:-% Done:

100%

Category:-
Target version:1.19.3
Affected Version:1.19

Description

Hi,

We are using version 1.19 of the WAYF.

We were reported that when contacted using the old WAYF protocol (not Discovery Service), the SWITCH WAYF did not redirect the end user to the right SAML1 URL, but to a SAML2 endpoint instead.

I found out that readMetadata.php processIDPRoleDescriptor() function was not able to extract the SAML1 endpoint in all circumstances, depending on the order where endpoints were listed in the SAML metadata.

Attached is a patch that seems to fix the problem.

get_saml1_idp_handler-100614.patch Magnifier (1.7 KB) Olivier Salaun, 2014-06-10 15:50

History

#1 Updated by Lukas Hämmerle over 4 years ago

  • Status changed from New to In Progress
  • Target version set to 1.19.3

Thanks for the patch. There is indeed a problem with the code there.

#2 Updated by Lukas Hämmerle over 4 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

Added patch. 1.19.3 will soon be released.

Also available in: Atom PDF