Allow setting of "retrieveParametersFromServer" #403
Assignees
Labels
Comments
|
Asked in SAML-Toolkits/php-saml#466 if we can remove this setting completely. |
LukasReschke
added a commit
that referenced
this issue
May 4, 2021
Some SAML servers require this type of decoding, otherwise the SLO request fails. Ideally the library would perform both verifications (SAML-Toolkits/php-saml#466), but it seems upstream doesn't want to perform this change. Until we have considered a better solution for this, this adds a new checkbox that one can configure. Ref #403 Signed-off-by: Lukas Reschke <[email protected]>
LukasReschke
added a commit
that referenced
this issue
May 5, 2021
Some SAML servers require this type of decoding, otherwise the SLO request fails. Ideally the library would perform both verifications (SAML-Toolkits/php-saml#466), but it seems upstream doesn't want to perform this change. Until we have considered a better solution for this, this adds a new checkbox that one can configure. Ref #403 Signed-off-by: Lukas Reschke <[email protected]>
|
Solved with #525 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I have been setting up a SSO/SLO environment with other applications (WordPress, and Microsoft OWA) using Microsoft ADFS as iDP . I had a weird issue when logged in into more than one application (NextCloud included) and initiating the logout from one of the other applications. NextCloud SLO proccess broke the chain of SAML Logout Requests/Responses not finishing its' own logout and not allowing the iDP to logout the rest of applications.
I have been able to fix the issue editing the file /apps/user_saml/lib/Controller/SAMLController.php and setting requestParametersFromServer to true in the porcessSLO call at line 354
[...]
$targetUrl = $auth->processSLO($keepLocalSession, null, true, null, $stay);
[...]
SAML-Toolkits/php-saml#130
The text was updated successfully, but these errors were encountered: