[
https://issues.apache.org/jira/browse/CLOUDSTACK-8034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14273300#comment-14273300
]
ASF subversion and git services commented on CLOUDSTACK-8034:
-------------------------------------------------------------
Commit b2b496288d164fead2c089fb48319e1988b03ce8 in cloudstack's branch
refs/heads/4.5 from [[email protected]]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=b2b4962 ]
CLOUDSTACK-8034: Hash user IDs for SAML authentication
The User table's UUID column is restricted to 40 chars only, since we don't
know how long the nameID/userID of a SAML authenticated user will be - the fix
hashes that user ID and takes a substring of length 40 chars. For hashing,
SHA256 is used which returns a 64 char length string.
- Fix tests, add test cases
- Improve checkSAMLUser method
- Use SHA256 one way hashing to create unique UUID for SAML users
Signed-off-by: Rohit Yadav <[email protected]>
> SAML Unique ID is restricted to 40 chars only
> ---------------------------------------------
>
> Key: CLOUDSTACK-8034
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8034
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Reporter: Rohit Yadav
> Assignee: Rohit Yadav
> Fix For: 4.5.0, 4.6.0
>
>
> Fix for cases where SAML unique IDs returned by IDP is more than 40 chars,
> what should be the ideal fix like?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
