Univention Bugzilla – Bug 57060
Make URI scheme configurable for SAML requests
Last modified: 2024-02-28 13:17:31 CET
Currently SAML is hard coded to use HTTPS or HTTP for SAML requests. It should be possible to configure (restrict) this using the UCR variable umc/saml/schemes.
The URI scheme for the URLs of the SAML attribute consuming service and single logout endpoints of UMC are now configurable via the UCR variable umc/saml/schemes (still defaulting to "https, http"). The purpose is to make https disableable in testing environments or enforce only secure HTTPS requests in production environments. 9f298d28a3c2f5a1808e2b027d239cf734d1b8b0 | feat(umc): make SAML URI scheme configurable via `umc/saml/schemes`
OK: URI schemes are now configurable - must be done before adding the metadata to the SAML IDP (e.g. before join) OK: advisory
<https://errata.software-univention.de/#/?erratum=5.0x968>