All work
- Mapped Attribute Definition does not implements all the common AttributesIDP-2036Resolved issue: IDP-2036Rod Widdowson
- Status page is misreporting uptimeIDP-1850Resolved issue: IDP-1850Scott Cantor
- Split off secrets into separate property fileIDP-1523Resolved issue: IDP-1523Rod Widdowson
- TestNG @BeforeTest and @AfterTest are being misusedIDP-1508Resolved issue: IDP-1508Scott Cantor
- Avoid object creation in the external web flowsIDP-1502Resolved issue: IDP-1502Scott Cantor
- Metadata container doesn't have ApplicationContext setIDP-1501Resolved issue: IDP-1501Rod Widdowson
- Spring context reloads failing on parent beans property type conversionsIDP-1482
- SAML 2 Response Destination not properly URI encodedIDP-1468Resolved issue: IDP-1468Scott Cantor
- Authentication finalize action fails to overwrite previous active flow resultIDP-1463Resolved issue: IDP-1463Scott Cantor
- RuntimeException when using CAS and consentIDP-1459Resolved issue: IDP-1459Scott Cantor
- CAS: Unicode SMP characters cause invalid XMLIDP-1437Resolved issue: IDP-1437Scott Cantor
- CAS actions should avoid raising runtime exceptionsIDP-1421Resolved issue: IDP-1421Scott Cantor
- Attaching SPProvidedID to persistent NameID uses incorrect SQL statementIDP-1415Resolved issue: IDP-1415Scott Cantor
- PGT granted when certificate validation failsIDP-1371Resolved issue: IDP-1371Marvin Addison
- Attribute Release view: display relying party's OrganizationDisplayName instead OrganizationNameIDP-1353Resolved issue: IDP-1353Tom Zeller
- attribute-release does not comply to isPassive flagIDP-1323Resolved issue: IDP-1323Tom Zeller
- Logout flow resolving encryption keys too aggressivelyIDP-1302Resolved issue: IDP-1302Scott Cantor
- "illegal reflective access" under Java 9, 10, 11IDP-1274Resolved issue: IDP-1274Scott Cantor
- NULLs in idp.process.log with LDAP authn against ActiveDirectoryIDP-1272Resolved issue: IDP-1272Daniel Fisher
- Dependencies of disabled plugins should be exposedIDP-1235Resolved issue: IDP-1235Rod Widdowson
- donotcache ignored on forceauthnIDP-1207Resolved issue: IDP-1207Scott Cantor
- Logout templates lacking rpUIContext for initiating SPIDP-1200Resolved issue: IDP-1200Scott Cantor
- x509-prompt.jsp links to SHIB2 documentIDP-1197Resolved issue: IDP-1197Scott Cantor
- Choice/Sequence issues in flattened SchemasIDP-1184Resolved issue: IDP-1184Rod Widdowson
- Unnecessary injection of LDAP search filter in LDAPDataConnectorIDP-1178Resolved issue: IDP-1178Daniel Fisher
- Remote User Subject Attribute LoggingIDP-1169Resolved issue: IDP-1169Scott Cantor
- Encoders should complain on less than sensible inputIDP-1165Resolved issue: IDP-1165Rod Widdowson
- ToU consent broken in combination with multiple languagesIDP-1157Resolved issue: IDP-1157Tom Zeller
- Global transitions are inherited into subflowsIDP-1152Resolved issue: IDP-1152Scott Cantor
- NameID comparison in logout code may be overly strictIDP-1145Resolved issue: IDP-1145Scott Cantor
- Runtime flow exceptions are insufficiently loggedIDP-1136Resolved issue: IDP-1136Scott Cantor
- Unconstrained flow transitions considered harmful.IDP-1133Resolved issue: IDP-1133Scott Cantor
- Optimize the default entityID at install timeIDP-1123Resolved issue: IDP-1123Rod Widdowson
- Namespaces are searched in differing ordersIDP-1113Resolved issue: IDP-1113Rod Widdowson
- Revector jvm.dll through a symlinkIDP-1092Resolved issue: IDP-1092Rod Widdowson
- Async LogoutRequest fails with EncryptedIDIDP-1067Resolved issue: IDP-1067Scott Cantor
- Remove property for LDAP resolver return attributesIDP-1064Resolved issue: IDP-1064Tom Zeller
- AbstractDataConnectorParser needs to move from implIDP-1055Resolved issue: IDP-1055Rod Widdowson
- IdentifiableBeanPostProcessor not running in SWF contextsIDP-1053Resolved issue: IDP-1053Scott Cantor
- Create Annotation for constructor parameter names and ParameterNameDiscoverer to understand itIDP-1047Resolved issue: IDP-1047Rod Widdowson
- Remove use of named constructor parameter in public spring filesIDP-1036Resolved issue: IDP-1036Rod Widdowson
- Spelling misstake in web.xmlIDP-1034Resolved issue: IDP-1034Tom Zeller
- Clean up the documentation around the use of springResources by static and scripted attributesIDP-1030Resolved issue: IDP-1030Rod Widdowson
- Warning about multiple copies of logback-classic on the classpath during Jetty start-upIDP-1024Scott Cantor
- Information leak regarding username/passwordIDP-1023Resolved issue: IDP-1023Scott Cantor
- Problem using persistentId salt with special charactersIDP-1019Resolved issue: IDP-1019Scott Cantor
- Wrong registration of SAML2SSOSService profile type in Spring parserIDP-997Resolved issue: IDP-997Rod Widdowson
- Remove embedded/jetty-base from idp-distributionIDP-993Resolved issue: IDP-993Rod Widdowson
- SOAP logout flow mislabeled as abstractIDP-984Resolved issue: IDP-984Scott Cantor
- Filtering of login flows breaks IsPassiveIDP-980Resolved issue: IDP-980Scott Cantor
50 of 100
Consider Splitting the Windows Installer into IdP and Jetty+Procrun
Completed
Basics
Logistics
Basics
Logistics
Description
Environment
None
Details
Details
Assignee
Rod Widdowson
Rod WiddowsonReporter
Rod Widdowson
Rod WiddowsonComponents
Fix versions
Affects versions
Created July 1, 2023 at 2:29 PM
Updated August 23, 2023 at 10:46 AM
Resolved August 11, 2023 at 1:47 PM
Activity
Rod Widdowson August 11, 2023 at 1:47 PM
Rod Widdowson
August 11, 2023 at 1:47 PM
With the beta out, lets call this closed
Rod Widdowson August 7, 2023 at 1:50 PM
Rod Widdowson
August 7, 2023 at 1:50 PM
Testing (as noted above) complete. We are ready for Beta, but I need to WTFM
Rod Widdowson July 31, 2023 at 2:03 PM(edited)
Rod Widdowson
July 31, 2023 at 2:03 PM
(edited)
In side discussions we need to add a warning dialog to the effect that if you are not using our jetty then you own the problem of locking down the installation and maintaining that.
We probably also need revert the default location back to PF86.
In PF86
Make sure noone you don’t want to can read credentials or conf
Otherwise
Make sure noone you don’t want to can read or write anywhere
In all cases
Our jetty installer will lock things down appropriately (see documentation).
We might add a batch file to do this. If we added it to the “core” Module then the jetty installer could use it (any my wouldn’t that make life easier). https://shibboleth.atlassian.net/browse/IDP-2150
Rod Widdowson July 31, 2023 at 12:36 PM(edited)
Rod Widdowson
July 31, 2023 at 12:36 PM
(edited)
4->5 update fails because of potential previous ownership of files. Need to force ownership to (say) Administrators
Rod Widdowson July 29, 2023 at 2:35 PM
Rod Widdowson
July 29, 2023 at 2:35 PM
I have just pushed the changes to mainline and deleted the test branch. Significant tested (as noted above) now needs to happen.
Conatiner case for all the work and to capture any musings.