Bug 56074 - configure SimpleSAMLphp as a service provider in Keycloak
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: SAML
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-3-errata
Assigned To: Nikola Radovanovic
Julia Bremer
Blocks: 56588 56647
Reported: 2023-05-17 11:19 CEST by Nikola Radovanovic
Modified: 2023-09-25 09:23 CEST

What kind of report is it?: Feature Request
Description Nikola Radovanovic univentionstaff 2023-05-17 11:19:58 CEST
SimpleSAMLPHP has to be altered so it can be a service provider in Keycloak
Comment 3 Arvid Requate univentionstaff 2023-05-17 12:37:37 CEST
Just a small comment to clarify: An alternative title would be:

Keycloak as IdP in SimpleSAMLphp
Comment 4 Nikola Radovanovic univentionstaff 2023-06-05 21:34:08 CEST
a541ae6de2e | SimpleSAMLPHP as a service provider in Keycloak
Comment 5 Julia Bremer univentionstaff 2023-06-06 17:34:42 CEST
OK: The (still) unreleased documentation shows how to configure SimpleSAMLphp as a service provider in Keycloak
OK: configuration reads attributes from LDAP
OK: YAML
OK: Keycloak Jenkins tests
OK: UCS Jenkins tests

Verified
Comment 7 Florian Best univentionstaff 2023-09-14 09:03:20 CEST
FYI: this introduced a Python 2 incompatibility which broke a very important customer's whole SAML config, as they were still setting UCR variables for SAML in a Python 2 process.

This patch will restore Python 2 compatibility:

diff --git saml/univention-saml/conffiles/etc/simplesamlphp/00authsources.php saml/univention-saml/conffiles/etc/simplesamlphp/00authsources.php
index dcec19737b..2c81ca07bd 100644
--- saml/univention-saml/conffiles/etc/simplesamlphp/00authsources.php
+++ saml/univention-saml/conffiles/etc/simplesamlphp/00authsources.php
@@ -79,7 +79,7 @@ print(
         php_string("uid=sys-idp-user,cn=users,%s" % base),
         php_string(password),
         php_string(base),
-    ),
+    )
 )
 @!@
     // LDAP authentication source.
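
Review bot: Nothing guards the removed trailing comma on the `),` line that closes the `%` argument tuple, so a formatter or a later edit that adds trailing commas would silently bring the breakage back. With a Python 2 print statement, `print(..., )` is a one-element tuple and its repr is written into the generated PHP instead of the text, unless the block imports `print_function`, which is not visible in this hunk. Consider a short comment next to the closing `)` stating that this must remain a single-argument `print` without a trailing comma for as long as Python 2 processes evaluate the template, and a regression test that renders `00authsources.php` under both interpreters and compares the output.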