Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2017-07-27

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:17 MegaMatt joined #openam
01:52 ilbot3 joined #openam
01:52 Topic for #openam is now Chat about the OpenAM project - https://forgerock.github.io - Channel logs at: http://irclog.perlgeek.de/openam/today
07:17 aldaris joined #openam
10:32 MegaMatt joined #openam
11:17 aldaris joined #openam
12:10 auke- Hi. I've implemented a custom SAML SPAttributeMapper and there seems to be a difference in the encoding of the values between SAML and LDAP in the OpenAM session. The values from the LDAP (OpenDJ) are the normal values and the values from the SAML mapper have encoded values (like #38 instead of &).
12:11 auke- Which component could cause this encoding?
12:59 aldaris joined #openam
13:02 aldaris auke- still around?
13:04 auke- yes
13:04 aldaris how do you create the individual Attributes?
13:06 auke- I've implemented com.sun.identity.saml2.plugins.SPAttributeMapper, which creates a HashMap with a Set of Strings as the attribute values
13:08 aldaris left #openam
13:08 aldaris joined #openam
13:09 auke- I looked at the default implementation com.sun.identity.saml2.plugins.DefaultSPAttributeMapper, which unescapes values (XMLUtils.unescapeSpecialCharacters) but doesn't escape the return values.
13:10 auke- Somehow values like a&b end up as a#38b in the session value
13:10 aldaris then have you considered unescaping the values before returning them in the map?
13:12 auke- Yes, i've used XMLUtils.unescapeSpecialCharacters (like in DefaultSPAttributeMapper)
13:13 aldaris can you share your code?
13:18 auke- Simplified version of our mapper: https://pastebin.com/HvGLeQ1u
13:24 aldaris and how does an example assertion look like? You should be able to see them in Federation debug log if you have message level debug logging enabled
13:33 auke- The SAML attribute seems normal: https://pastebin.com/z5S0GiCG
13:35 aldaris can you debug your mapper?
13:42 auke- We have to deploy to an external environment, so i can't change or debug the mapper easily. Creating a proper docker image with OpenAM is on my wishlist...
13:43 aldaris hmm, are you saying that this doesn't happen locally?
13:47 auke- No, I don't have a local test environment. I've implemented the mapper by reading the Java API and hoped for the best it worked, which it doesn't in case of ampersands in the attribute values.
13:47 aldaris very strange :/
13:52 auke- And I don't known what component or which encoding changes & into #38. 38 is the decimal value for, while most encodings use the hexadecimal value (26).
16:32 aldaris joined #openam
17:08 aldaris joined #openam
19:09 aldaris joined #openam
20:00 aldaris joined #openam
20:02 aldaris joined #openam
22:44 ilbot3 joined #openam
22:44 Topic for #openam is now Chat about the OpenAM project - https://forgerock.github.io - Channel logs at: http://irclog.perlgeek.de/openam/today
23:57 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary