IDP ID registration and validation
With OS-Federation is possible to register multiple Identity Providers (IDPs) for the authentication. A user, to be authenticated, needs to access a specific url containing the IDP name and the protocol to use. If the credentials provided are correct the user can get a token. This mechanism misses to verify the IDP used for the authentication and this could allow a wrong mapping. It is possible to solve the problem with a specific configuration of shibboleth, as in the documentation, but this require to reconfigure the server every time an IDP is added/removed/
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Medium
- Drafter:
- Marco Fargetta
- Direction:
- Approved
- Assignee:
- Marco Fargetta
- Definition:
- Approved
- Series goal:
- Accepted for kilo
- Implementation:
- Implemented
- Milestone target:
- 2015.1.0
- Started by
- Marco Fargetta
- Completed by
- Morgan Fainberg
Related branches
Sprints
Whiteboard
remote_id attributes implementation: https:/
Gerrit topic: https:/
Addressed by: https:/
Multiple IdP authentication URL
Gerrit topic: https:/
Addressed by: https:/
IDP ID registration and validation
Addressed by: https:/
Fix typo in Patch #142743
Addressed by: https:/
IdP ID registration and validation
Addressed by: https:/
Adding utf8 to federations tables
Gerrit topic: https:/