Bug 49641 - SAML tracebacks during the SAML login or logout is rather a deterrent
Summary: SAML tracebacks during the SAML login or logout is rather a deterrent
Status: RESOLVED WONTFIX
Alias: None
Product: UCS
Classification: Unclassified
Component: SAML
Version: UCS 4.4
Hardware: Other Mac OS X 10.1
: P5 normal
Target Milestone: ---
Assignee: UCS maintainers
QA Contact: UCS maintainers
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-13 13:31 CEST by Michel Smidt
Modified: 2025-02-05 09:28 CET (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 3: Will affect average number of installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.137
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Usability
Customer ID:
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michel Smidt 2019-06-13 13:31:28 CEST 
As a user, I don't want to see a traceback if something goes wrong on the server side during the SAML login or logout.
For a user this is rather a deterrent.
Comment 1 Florian Best univentionstaff 2019-06-13 13:36:04 CEST 
Do you know if there is a simplesamlphp configuration to supress tracebacks? I think so. Maybe also a UCR variable.
Comment 2 Michel Smidt 2019-06-13 13:48:04 CEST 
(In reply to Florian Best from comment #1)
> Do you know if there is a simplesamlphp configuration to supress tracebacks?
> I think so. Maybe also a UCR variable.

Oh. Now that you say that, I see there's a UCR variable "saml/idp/show-errors." Is it set to "true" by default? If so, why? I would change that then.
Comment 3 Jan-Luca Kiok univentionstaff 2025-02-05 09:28:32 CET 
This issue has been filed against UCS 4.4.

UCS 4.4 is out of maintenance and components may have vastly changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer versions, please use "Clone this bug" or reopen this issue. In this case please provide information on how this issue is affecting you.