Univention Bugzilla – Bug 50177
Invalid syntax class for simplesamlAttributes in saml/serviceprovider
Last modified: 2019-09-18 13:23:28 CEST
The saml/serviceprovider module has the property simplesamlAttributes with syntax TrueFalseUp. TrueFalseUp only allows TRUE/FALSE as values. In the joinscript 91univention-saml.inst we set invalid values: 91univention-saml.inst:271: --set simplesamlAttributes="false" \ 91univention-saml.inst:283: --set simplesamlAttributes="false" \ 91univention-saml.inst:296: --set simplesamlAttributes="false" \ We must change the syntax class to TrueFalse: diff --git a/saml/univention-saml/modules/univention/admin/handlers/saml/serviceprovider.py b/saml/univention-saml/modules/univention/admin/handlers/saml/serviceprovider.py index 830129bb5e..33ccb77d67 100644 --- a/saml/univention-saml/modules/univention/admin/handlers/saml/serviceprovider.py +++ b/saml/univention-saml/modules/univention/admin/handlers/saml/serviceprovider.py @@ -104,7 +104,7 @@ property_descriptions = { 'simplesamlAttributes': univention.admin.property( short_description=_(u'Allow transmission of ldap attributes to the service provider'), long_description=_(u'Whether the service provider should receive any ldap attributes from the IdP'), - syntax=univention.admin.syntax.TrueFalseUp, + syntax=univention.admin.syntax.TrueFalse, multivalue=False, options=[], required=False,
As there might be already entries with TRUE7FALSE in LDAP we could instead leave the syntax class and fix the values from our joinscript or create a syntax class which allows both forms.
This is caused by the broken syntax validation of Bug #40731.
Adjusted the joinscript in branch git:fbest/50177-saml-invalid-true-false-values. So, there is no need to modify the syntax class.
Fixed by setting the valid value if it is equal to the currently invalid value. univention-saml (6.0.2-7) b43b29d0f728 | Bug #50177: fix invalid true/false values for TrueFalseUp syntax 19763434233a | Bug #50177: fix invalid true/false values for TrueFalseUp syntax 20ab5afbcd3d | Bug #50177: fix invalid true/false values for TrueFalseUp syntax univention-saml.yaml 19763434233a | Bug #50177: fix invalid true/false values for TrueFalseUp syntax
Fixed typo in ldap filter: [4.4-1 d28437cc09] Bug #50177: fix filter [4.4-1 08fb8cc217] Bug #50177: yaml What I tested: Upgrade -> simplesamlAttributes is now upper case for all three SP -> OK Deleted all three SP and forced join script execution -> simplesamlAttributes is upper case for all three SP -> OK Activated all three SP -> "php -l $SP_CONFIG_FILE" in "/etc/simplesamlphp/metadata.d" -> OK YAML -> OK Waiting for jenkins tomorrow, otherwise OK
jenkins -> OK -> Verified
<http://errata.software-univention.de/ucs/4.4/285.html>