Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2015-09-21

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:48 fairuz joined #openam
00:48 fairuz left #openam
05:57 pcypher joined #openam
06:00 aldaris joined #openam
06:45 KermitTheFragger joined #openam
07:53 aldaris joined #openam
08:34 aldaris1 joined #openam
08:40 noisebleed joined #openam
08:45 noisebleed joined #openam
08:50 aldaris joined #openam
08:59 aldaris1 joined #openam
09:05 noisebleed joined #openam
09:15 noisebleed joined #openam
09:16 aldaris joined #openam
09:34 aldaris joined #openam
09:46 aldaris joined #openam
09:56 noisebleed joined #openam
10:15 noisebleed joined #openam
10:25 noisebleed joined #openam
10:36 noisebleed joined #openam
10:45 noisebleed joined #openam
10:55 noisebleed joined #openam
11:05 noisebleed joined #openam
11:15 noisebleed joined #openam
11:25 noisebleed joined #openam
11:26 aldaris1 joined #openam
11:40 MegaMatt joined #openam
12:04 MegaMatt joined #openam
12:18 mckeanbs joined #openam
12:27 mckeanbs joined #openam
12:30 noisebleed joined #openam
12:31 yawnt joined #openam
12:50 noisebleed joined #openam
13:00 noisebleed joined #openam
13:14 kala_ aldaris: is there a option to treat RelayState as the redirect URL or opaque identifier? I mean how do I specify what the OpenAM should be doing ... redirecting user to the URL or responding with a form to the AssertionConsumerService-URL?
13:16 lazzurs joined #openam
13:18 aldaris the relaystate should be always opaque when involved in SAML transactions
13:18 aldaris the RelayState parameter that may be provided to the various JSP endpoints as a request parameter can be real URL, AM will automatically make it opaque if involved in SAML messages
13:19 kala_ ok
13:20 kala_ so, when we go directly to the openam/SSOPOST/metaAlias/idp endpoint, the RelayState parameter should be opaque string ... after the https://bugster.forgerock.org/jira/browse/OPENAM-3202 fix?
13:21 aldaris 3202 was all about data validation, there is some other data validation related ticket somewhere
13:21 aldaris 3437 comes to my mind
13:22 aldaris and there is 5753
13:22 aldaris which still waits for a fix
13:22 kala_ hmm
13:22 aldaris and there is 3679 too..
13:22 aldaris so relaystate validation appears to be hard :d
13:23 kala_ and the AssertionConsumerService validation cannot be done with wildcards, like we can do goto URL validations
13:23 aldaris indeed
13:23 kala_ then I might be in trouble
13:23 aldaris https://bugster.forgerock.org/jira/browse/OPENAM-476?
13:25 kala_ yeah. the integrator figured that they could perhaps include session identitifier in this URL. I know that the SAML standard recommends using RelayState instead, but that particular OpenAM version, which we are running, probably doesn't have all the referenced bugs fixed
13:41 noisebleed joined #openam
13:46 noisebleed_ joined #openam
16:23 Ooze joined #openam
17:28 aldaris joined #openam
17:55 aldaris joined #openam
18:58 aldaris joined #openam
19:06 noisebleed joined #openam
19:21 aldaris joined #openam
20:30 noisebleed joined #openam
22:35 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary