Hi Johann,

The fix handles the tenant scenario as well.

Are you specifically talking about having different domain names for
tenants?

Best Regards,
Rushmin


On Mon, Sep 4, 2017 at 2:59 PM, Johann Nallathamby <[email protected]> wrote:

> Hi Rushmin,
>
> I think the better, easier, uncomplicated fix that also works for tenants
> will be to make this a text box with a default value instead of a label.
>
> Can we change the fix like that?
>
> Regards,
> Johann.
>
> On Fri, Sep 1, 2017 at 5:17 PM, Rushmin Fernando <[email protected]> wrote:
>
>> Thank you for pointing this out Johann.
>>
>> Actually, the code doesn't do anything specific to the super tenant.
>>
>> The issue is with method name 'updateSuperTenantIdpWithNewEPUrls' which
>> is incorrect and misleading. It was my mistake :-(
>>
>> I just sent a PR [1] fixing the method name.
>>
>> @Darshana, could you review and merge it?
>>
>> Best Regards,
>> Rushmin
>>
>> [1] - https://github.com/wso2/carbon-identity-framework/pull/1043
>>
>> On Thu, Aug 31, 2017 at 6:09 PM, Johann Nallathamby <[email protected]>
>> wrote:
>>
>>> IAM Folks,
>>>
>>> Can we do a better fix for this? I don't seem to agree with this fix.
>>>
>>> 1. We have written super tenant specific code. It shows that we treat
>>> the super tenant differently, which can be error prone.
>>> 2. The problem still remains for already created tenants.
>>>
>>> Another thing we need to address is that (not related to this issue),
>>> some deployments require to have different DNS names for tenants.
>>>
>>> My suggestion:
>>> Make this field a text box that is modifiable.
>>>
>>> Wdyt? Can we change this fix for IS 5.4.0? Do you see any problems in
>>> that?
>>>
>>> Regards,
>>> Johann.
>>>
>>> ---------- Forwarded message ----------
>>> From: Farasath Ahamed (JIRA) <[email protected]>
>>> Date: Thu, May 18, 2017 at 1:54 AM
>>> Subject: [Carbon-jira] [jira] (IDENTITY-5948) Generated IdP metadata
>>> URLs are always pointing to localhost:9443
>>> To: [email protected]
>>>
>>>
>>> Farasath Ahamed *created* an issue
>>>
>>> WSO2 Identity Server / IDENTITY-5948
>>> <https://wso2.org/jira/browse/IDENTITY-5948>
>>> Generated IdP metadata URLs are always pointing to localhost:9443
>>> Issue Type: Improvement
>>> Affects Versions: 5.3.0-GA
>>> Assignee: Thanuja Lakmal
>>> Components: saml2-sso
>>> Created: 18/May/17 1:53 AM
>>> Fix Versions: 5.3.1-GA
>>> Priority: High
>>> Reporter: Farasath Ahamed
>>>
>>> During the first startup, if we do not change the hostname of the IS
>>> server, all endpoints related to SAML configs get generated for localhost.
>>>
>>> Thereafter even if you change the hostname still they will remain as
>>> hostname,
>>>
>>> <?xml version="1.0" encoding="UTF-8"?><EntityDescriptor 
>>> xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
>>> entityID="localhost"><IDPSSODescriptor 
>>> protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" 
>>> validUntil="2017-05-17T21:20:17.955Z"><KeyDescriptor use="signing"><KeyInfo 
>>> xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>MIICNTCCAZ6gAwIBAgIES343gjANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxDTALBgNVBAoMBFdTTzIxEjAQBgNVBAMMCWxv
>>> Y2FsaG9zdDAeFw0xMDAyMTkwNzAyMjZaFw0zNTAyMTMwNzAyMjZaMFUxCzAJBgNVBAYTAlVTMQsw
>>> CQYDVQQIDAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzENMAsGA1UECgwEV1NPMjESMBAGA1UE
>>> AwwJbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTou
>>> sMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb+48FjbBe0hseUdN5
>>> HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq+QktMfXnRS4HrKGJTzxaCcU7OQID
>>> AQABoxIwEDAOBgNVHQ8BAf8EBAMCBPAwDQYJKoZIhvcNAQEFBQADgYEAW5wPR7cr1LAdq+IrR44i
>>> QlRG5ITCZXY9hI0PygLP2rHANh+PYfTmxbuOnykNGyhM6FjFLbW2uZHQTY1jMrPprjOrmyK5sjJR
>>> O4d1DeGHT/YnIjs9JogRKv4XHECwLtIVdAbIdWHEtVZJyMSktcyysFcvuhPQK8Qc/E/Wq8uHSCo=</X509Certificate></X509Data></KeyInfo></KeyDescriptor><SingleLogoutService
>>>  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
>>> Location="https://localhost:9443/samlsso" 
>>> ResponseLocation="https://localhost:9443/samlsso"/><NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat><SingleSignOnService
>>>  Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
>>> Location="https://localhost:9443/samlsso"/><SingleSignOnService 
>>> Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
>>> Location="https://localhost:9443/samlsso"/></IDPSSODescriptor></EntityDescriptor>
>>>
>>> Any new tenants created after the hostname change will have the correct
>>> URL with the hostname. But super tenant's metadata URL becomes unusable.
>>>
>>> Basically, the endpoints in the SAML metadata file are static values.
>>> IMO we should generate them dynamically so that any change to an
>>> environment parameter would be reflected correctly.
>>>
>>> _______________________________________________
>>> Carbon-jira mailing list
>>> [email protected]
>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>>>
>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Johann Dilantha Nallathamby*
>>> Senior Lead Solutions Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+94777776950*
>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>>>
>>
>>
>>
>> --
>> *Best Regards*
>>
>> *Rushmin Fernando*
>> *Technical Lead*
>>
>> WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware
>>
>> mobile : +94775615183
>>
>>
>>
>
>
>



_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
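
A deployment-side check for the problem reported in IDENTITY-5948, added here as an example (it is not code from this thread or from WSO2): it parses generated IdP metadata and lists every entityID, Location or ResponseLocation that still points at a loopback name or at a host other than the one the deployment is meant to publish. The function name, the sample document and the hostname is.example.com are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD_NS = "{urn:oasis:names:tc:SAML:2.0:metadata}"
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

# Constructed sample: same shape as the metadata quoted in the thread,
# with the KeyDescriptor/certificate left out.
SAMPLE = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="localhost">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:9443/samlsso"
        ResponseLocation="https://localhost:9443/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://localhost:9443/samlsso"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:9443/samlsso"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def stale_endpoints(metadata_xml, expected_host):
    """Return (where, value) pairs that do not match the published hostname."""
    expected = expected_host.lower()
    root = ET.fromstring(metadata_xml)
    findings = []

    # entityID may be a bare name (as in the thread) or a URL; it does not
    # have to equal the hostname, so only a loopback value is reported.
    entity_id = root.get("entityID", "")
    eid_host = (urlsplit(entity_id).hostname or entity_id).lower()
    if eid_host in LOOPBACK:
        findings.append(("entityID", entity_id))

    # Every metadata endpoint element carries Location and, optionally,
    # ResponseLocation; both must resolve to the expected host.
    for el in root.iter():
        if not el.tag.startswith(MD_NS):
            continue
        name = el.tag[len(MD_NS):]
        for attr in ("Location", "ResponseLocation"):
            url = el.get(attr)
            if url is None:
                continue
            host = (urlsplit(url).hostname or "").lower()
            if host in LOOPBACK or host != expected:
                findings.append((name + "@" + attr, url))
    return findings


if __name__ == "__main__":
    for where, value in stale_endpoints(SAMPLE, "is.example.com"):
        print(where, "->", value)
```

Run it against each tenant's metadata after a hostname change; an empty list means no endpoint still carries the first-startup value.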
