SWITCHwayf: Version 1.14.1 released

The following things were changed or corrected:

  • Fixed an encoding bug that affected non-ASCII characters in
    JavaScripts. Thanks to Prof. Kazutsuna Yamaji from the Japanese National
    Institute of Informatics (NII) for reporting this issue.
  • Corrected behaviour of $enableDSReturnParamCheck and
    $useACURLsForReturnParamCheck. There won't be an error anymore if an SP
    has no <idpdisc:DiscoveryResponse> extension defined. In such a case
    there will only be a check if $useACURLsForReturnParamCheck is enabled.
  • Fixed a bug in readMetadata.php that prevented CLI execution
  • Changed the default configuration option to generate the Embedded WAYF
    to false due to some concerns regarding phishing attacks

SWITCHwayf: Version 1.14 released

Among the features is a new security check for the Discovery Service that allows checking the URL given in the 'return' param of a Discovery Service request. The specification states that this parameter SHOULD be checked, which has not been the case up to now. The Embedded WAYF was extended with a new option 'wayf_force_remember_for_session' that allows forcing the "remember for this session" checkbox to be always checked.

The complete list of fixes and changes:
  • Added the configuration option wayf_force_remember_for_session to the Embedded WAYF on request of Wolfgang Lierz from ETH Zurich. This option allows setting the remember for session checkbox to true.
  • The 'return' parameter of a Discovery Service request can now be checked using the idp-discovery-protocol extension or using the FQDN of all the Service Provider's assertion consumer URLs. The latter alternative is less secure but still offers better security against phishing attacks. Have a look at config.dist.php and the README for more detailed explanations of this feature.
  • Metadata parsing now uses DOM XML for PHP5 instead of Simple XML
  • Fixed a minor HTML error in template for Embedded WAYF
  • Sorting within categories now works correctly if SAML2 metadata is used to generate the Identity Provider drop-down list. Thanks to Kazutsuna Yamaji from the Japanese National Institute of Informatics (NII) for reporting this issue.
  • Fixed a minor bug in templates.php that caused PHP warnings to show up in case an invalid IdP was stored in the cookie.
  • Fixed a bug affecting the Kerberos authentication. Thanks to Robert Basch from MIT for reporting these bugs and for submitting patches.
  • Fixed a bug where hidden IdPs would still be shown in Embedded WAYF
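
The 'return' parameter check from 1.14, with the behaviour correction from 1.14.1, sketched as an added Python example; this is not SWITCHwayf's own PHP code. The function name, the keyword arguments (named after the two configuration options), the exact-endpoint matching rule, and the sample metadata are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def _endpoint(url):
    """Scheme, host, port and path of a URL; query and fragment are ignored."""
    p = urlsplit(url)
    return (p.scheme.lower(), p.hostname or "", p.port, p.path)

def check_return_param(return_url, discovery_responses, acs_urls,
                       enable_ds_return_param_check=True,
                       use_acurls_for_return_param_check=False):
    """Decide whether a Discovery Service may redirect to return_url.

    discovery_responses: Location values of the SP's
    <idpdisc:DiscoveryResponse> elements; acs_urls: its assertion
    consumer URLs. Returns (allowed, reason).
    """
    if not enable_ds_return_param_check:
        return True, "return check disabled"
    try:
        target = _endpoint(return_url)
        if target[0] not in ("http", "https") or not target[1]:
            return False, "not an absolute http(s) URL"
        if discovery_responses:
            # Assumption: exact endpoint match, no fallback to ACS hosts.
            if any(_endpoint(loc) == target for loc in discovery_responses):
                return True, "matches a DiscoveryResponse location"
            return False, "no DiscoveryResponse location matches"
        if use_acurls_for_return_param_check:
            # Weaker check: only the FQDN is compared.
            if target[1] in {urlsplit(u).hostname for u in acs_urls}:
                return True, "FQDN matches an assertion consumer URL"
            return False, "FQDN not among assertion consumer URLs"
    except ValueError:  # malformed port or IPv6 literal
        return False, "unparseable URL"
    # 1.14.1 behaviour: no extension and ACS check off means no error.
    return True, "no DiscoveryResponse defined, ACS check not enabled"

# Constructed sample metadata values (example.org hosts are placeholders).
SP_WITH_EXT = {"dr": ["https://sp.example.org/Shibboleth.sso/Login"],
               "acs": ["https://sp.example.org/Shibboleth.sso/SAML2/POST"]}
SP_NO_EXT = {"dr": [], "acs": ["https://sp2.example.org/Shibboleth.sso/SAML2/POST"]}

if __name__ == "__main__":
    for sp, url in [(SP_WITH_EXT, "https://sp.example.org/Shibboleth.sso/Login?target=x"),
                    (SP_WITH_EXT, "https://login.example.net/Shibboleth.sso/Login"),
                    (SP_NO_EXT, "https://login.example.net/return")]:
        print(url, check_return_param(url, sp["dr"], sp["acs"],
                                      use_acurls_for_return_param_check=True))
```

With the FQDN-only check, any path on a matching host is accepted, which is why the release notes call that alternative less secure than the extension-based check.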

SWITCHwayf: Version 1.13 released

The new version 1.13 of the SWITCHwayf includes a bug fix regarding the state of the "Remember for session" checkbox, which now is remembered correctly across sessions. In addition, a new feature was added which allows an embedded Discovery Service/WAYF to define one or more Identity Providers to show up at the top of the drop-down list in a category "Most often used Home Organizations". Of course, this category name can also be set individually.

