Univention Bugzilla – Bug 55507
[5.0] SAML IdP: Group member comparison should be case insensitive
Last modified: 2023-01-09 15:12:13 CET
A customer reported a possible regression in regards to case insensitivity. Apparantly SAML binddn fails while spotting differences when cases have changed: SAML binddn does not match: 'uid=john,cn=staff,cn=users,ou=ts,dc=example,dc=com' != 'uid=john,cn=staff,cn=users,ou=TS,dc=example,dc=com' UCS: 5.0-2 errata471 (UCS@school)
(In reply to Simon Streit from comment #1) > SAML binddn does not match: > 'uid=john,cn=staff,cn=users,ou=ts,dc=example,dc=com' != > 'uid=john,cn=staff,cn=users,ou=TS,dc=example,dc=com' This is just a warning in the log files of the UMC-server which can be ignored. It will be fixed via Bug #44883. Is there a real problem which can be observed in broken behavior?
Hi Florian, the endcustomer reported a problem, that looked like the given fixed bugs. The teacher created an exam, idled for serveral minutes and as he tried to start the exam his session was timed out. Normally the saml ticket should be renewed in the background and everything should work, but in this case the ticket was not renewd and the session was unauthorized. I opened the ticket @cust support to ask if also other customers reported such a behavior, as I do not realize that anymore @Linet. It looks like a regression to me.
Hi Florian, looks like I messed up my tickets/topics. This bug was opened caused by the log entries that looked not as a warning to me. Anyways this bug can be closed if it is only a warning. Sorry for my wrong post above.
management/univention-management-console/src/univention/management/console/base.py:406 It is just a warning and does not cause anything to fail at that point.