Hi Rushmin,

I think the better, easier, uncomplicated fix that also works for tenants
will be to make this a text box with a default value instead of a label.

Can we change the fix like that?

Regards,
Johann.

On Fri, Sep 1, 2017 at 5:17 PM, Rushmin Fernando <[email protected]> wrote:

> Thank you for pointing this out Johann.
>
> Actually, the code doesn't do anything specific to the super tenant.
>
> The issue is with method name 'updateSuperTenantIdpWithNewEPUrls' which
> is incorrect and misleading. It was my mistake :-(
>
> I just sent a PR [1] fixing the method name.
>
> @Darshana, could you review and merge it?
>
> Best Regards,
> Rushmin
>
> [1] - https://github.com/wso2/carbon-identity-framework/pull/1043
>
> On Thu, Aug 31, 2017 at 6:09 PM, Johann Nallathamby <[email protected]>
> wrote:
>
>> IAM Folks,
>>
>> Can we do a better fix for this? I don't seem to agree with this fix.
>>
>> 1. We have written super tenant specific code. It shows that we treat
>> super tenant differently and can be error prone.
>> 2. The problem still remains for already created tenants.
>>
>> Another thing we need to address is that (not related to this issue),
>> some deployments require to have different DNS names for tenants.
>>
>> My suggestion:
>> Make this field a text box that is modifiable.
>>
>> Wdyt? Can we change this fix for IS 5.4.0? Do you see any problems in
>> that?
>>
>> Regards,
>> Johann.
>>
>> ---------- Forwarded message ----------
>> From: Farasath Ahamed (JIRA) <[email protected]>
>> Date: Thu, May 18, 2017 at 1:54 AM
>> Subject: [Carbon-jira] [jira] (IDENTITY-5948) Generated IdP metadata URLs
>> are always pointing to localhost:9443
>> To: [email protected]
>>
>>
>> Farasath Ahamed
>> <https://wso2.org/jira/secure/ViewProfile.jspa?name=farasatha%40wso2.com>
>> *created* an issue
>>
>> WSO2 Identity Server <https://wso2.org/jira/browse/IDENTITY> / IDENTITY-5948
>> <https://wso2.org/jira/browse/IDENTITY-5948>
>> Generated IdP metadata URLs are always pointing to localhost:9443
>> Issue Type: Improvement
>> Affects Versions: 5.3.0-GA
>> Assignee: Thanuja Lakmal
>> <https://wso2.org/jira/secure/ViewProfile.jspa?name=thanuja%40wso2.com>
>> Components: saml2-sso
>> Created: 18/May/17 1:53 AM
>> Fix Versions: 5.3.1-GA
>> Priority: High
>> Reporter: Farasath Ahamed
>> <https://wso2.org/jira/secure/ViewProfile.jspa?name=farasatha%40wso2.com>
>>
>> During the first startup, if we do not change the hostname of the IS
>> server, all endpoints related to SAML configs get generated for localhost.
>>
>> Thereafter, even if you change the hostname, they will still remain as
>> hostname:
>>
>> <?xml version="1.0" encoding="UTF-8"?><EntityDescriptor 
>> xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
>> entityID="localhost"><IDPSSODescriptor 
>> protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" 
>> validUntil="2017-05-17T21:20:17.955Z"><KeyDescriptor use="signing"><KeyInfo 
>> xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxv
>> Y2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQsw
>> CQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UE
>> AwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTou
>> sMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5
>> HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQID
>> AQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44i
>> QlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJR
>> O4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</X509Certificate></X509Data></KeyInfo></KeyDescriptor><SingleLogoutService
>>  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
>> Location="https://localhost:9443/samlsso"
>> ResponseLocation="https://localhost:9443/samlsso"/><NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat><SingleSignOnService
>>  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
>> Location="https://localhost:9443/samlsso"/><SingleSignOnService 
>> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
>> Location="https://localhost:9443/samlsso"/></IDPSSODescriptor></EntityDescriptor>
>>
>> Any new tenants created after the hostname change will have the correct
>> URL with the hostname. But super tenant's metadata URL becomes unusable.
>>
>> Basically, the endpoints in the SAML metadata file are static values.
>> IMO we should generate them dynamically so that any change to an
>> environment parameter would be reflected correctly.
>>
>> This message was sent by Atlassian JIRA (v7.2.2#72004-sha1:9d51328)
>>
>> _______________________________________________
>> Carbon-jira mailing list
>> [email protected]
>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>>
>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+94777776950*
>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>>
>
>
>
> --
> *Best Regards*
>
> *Rushmin Fernando*
> *Technical Lead*
>
> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware
>
> mobile : +94775615183
>
>
>


-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+94777776950*
Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
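
A check for the condition described in the quoted issue, added here as an example (it is not code from WSO2 or from anyone in this thread): it parses IdP metadata and reports an entityID on a loopback name and any endpoint URL that does not match the host and port the deployment is supposed to publish. The function name `stale_endpoints`, the hostname `is.example.com` and the sample document are assumptions constructed for the illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
ENDPOINT_ATTRS = ("Location", "ResponseLocation")

# Constructed sample modelled on the metadata quoted in IDENTITY-5948
# (KeyDescriptor and NameIDFormat omitted; they play no part in this check).
SAMPLE_METADATA = """\
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="localhost">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:9443/samlsso"
        ResponseLocation="https://localhost:9443/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://localhost:9443/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:9443/samlsso"/>
  </IDPSSODescriptor>
</EntityDescriptor>
"""

def _local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def stale_endpoints(metadata_xml, expected_host, expected_port=443):
    """Return (element, attribute, value) for every value that looks stale."""
    root = ET.fromstring(metadata_xml)
    findings = []
    # An entityID need not equal the hostname, so only loopback names are flagged.
    entity_id = root.get("entityID", "")
    id_host = urlsplit(entity_id).hostname if "://" in entity_id else entity_id
    if (id_host or "").lower() in LOOPBACK:
        findings.append((_local(root.tag), "entityID", entity_id))
    # Endpoint URLs must be https on exactly the expected host and port.
    for el in root.iter():
        for attr in ENDPOINT_ATTRS:
            url = el.get(attr)
            if url is None:
                continue
            parts = urlsplit(url)
            port = parts.port or (443 if parts.scheme == "https" else 80)
            if (parts.scheme, parts.hostname, port) != ("https", expected_host.lower(), expected_port):
                findings.append((_local(el.tag), attr, url))
    return findings

if __name__ == "__main__":
    for element, attr, value in stale_endpoints(SAMPLE_METADATA, "is.example.com", 9443):
        print(f"{element}@{attr} -> {value}")
```

Run against each tenant's published metadata after a hostname change, an empty result means the document no longer carries first-startup values.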