Reviewed: https://reviews.mahara.org/7335
Committed: https://git.mahara.org/mahara/mahara/commit/8665b925f24c86fce1ae9a03e3d52d0a6dd1e905
Submitter: Robert Lyon ([email protected])
Branch: master

commit 8665b925f24c86fce1ae9a03e3d52d0a6dd1e905
Author: Robert Lyon <[email protected]>
Date: Wed Dec 14 21:02:25 2016 +1300

    Bug 1650995: Auth saml idp metadata fix

    This patch allows the dataroot/metadata/*.xml file to be named after
    the idp rather than the Mahara institution.

    Also added
    - A select dropdown so that institution can pick existing auth to be paired to
    - Upgrade to rename the dataroot/metadata/*.xml file
    - Check to stop being able to add blank metadata field
    - An alert for user when updating metadata if other institutions are also being affected
    - Delete the metadata if deleted institution is only one using it

    behatnotneeded

    Change-Id: Ie3f5cdc523404b1081352ede67aab591e79b6dbb
    Signed-off-by: Robert Lyon <[email protected]>

https://bugs.launchpad.net/bugs/1650995

Title:
  Alter how Auth SAML pairs idp metadata to an institution

Status in Mahara:
  In Progress
Status in Mahara 16.10 series:
  In Progress
Status in Mahara 17.04 series:
  In Progress

Bug description:
  Currently when we store idp metadata it saves to dataroot with name of
  the institution it was saved in. If other institutions want to use the
  same idp metadata they simply leave that field blank.

  Problems with this:

  1) If we delete the institution that first added the metadata the
  dataroot [institutionA].xml file is NOT deleted, but if we add the same
  metadata to another institution's saml instance a new file is created,
  so we have 2 versions of the same info in the dataroot:
  [institutionA].xml and [institutionB].xml

  2) We only record the info against one saml instance so we don't know
  what metadata the other saml instances are using as we leave the field
  blank in database

  What would be more useful is if we pair all saml instances needing the
  idp metadata together by having institutionidpentityid set for all
  institution's saml auth using it. Then instead of naming the dataroot's
  metadata file to match the institution shortname we name it to match
  the institutionidpentityid instead. So when we delete an institution or
  that institution stops using saml we can check to see if others are
  using the metadata and if not can safely delete the metadata.

  3) We can extend the idea in (2) and we could add metadata to saml
  instances by either pasting in the metadata or by specifying the
  idpentity value, via dropdown, of the installed idp metadata.
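
The pairing and cleanup behaviour described in the bug report, as an added example that is not Mahara's code: one metadata file per IdP entity ID, shared by every institution paired with it and removed only when the last pairing goes away. The class, its methods, the hashed file name and the sample values are assumptions made for illustration.

```php
<?php
// Added example (PHP 8+), not Mahara code. Class and method names are hypothetical.
final class IdpMetadataStore {
    private array $pairings = []; // institution shortname => IdP entity ID
    public function __construct(private string $dir) {
        if (!is_dir($dir) && !mkdir($dir, 0700, true)) {
            throw new RuntimeException("cannot create $dir");
        }
    }

    // Assumption: entity IDs are usually URLs, so the file name is a hash of
    // the ID rather than the raw string (no '/', ':' or '..' reaches the path).
    public function pathFor(string $entityId): string {
        return $this->dir . '/' . hash('sha256', $entityId) . '.xml';
    }
    // $xml is the pasted metadata; null means "reuse an installed IdP".
    public function pair(string $inst, string $entityId, ?string $xml = null): void {
        if (trim($entityId) === '' || ($xml !== null && trim($xml) === '')) {
            throw new InvalidArgumentException('blank entity ID or metadata');
        }
        $path = $this->pathFor($entityId);
        if ($xml === null && !is_file($path)) {
            throw new RuntimeException('no installed metadata for this IdP');
        }
        if (($this->pairings[$inst] ?? null) !== $entityId) {
            $this->unpair($inst); // release the previously paired IdP, if any
        }
        if ($xml !== null) {
            file_put_contents($path, $xml, LOCK_EX);
        }
        $this->pairings[$inst] = $entityId;
    }
    // Remove the pairing; delete the file only when no institution still uses it.
    public function unpair(string $inst): void {
        $entityId = $this->pairings[$inst] ?? null;
        unset($this->pairings[$inst]);
        if ($entityId !== null && !in_array($entityId, $this->pairings, true)) {
            @unlink($this->pathFor($entityId));
        }
    }
}

$store = new IdpMetadataStore(sys_get_temp_dir() . '/idp-demo-' . bin2hex(random_bytes(4)));
$idp = 'https://idp.example.org/saml/metadata';      // constructed entity ID
$store->pair('insta', $idp, '<EntityDescriptor/>');  // constructed metadata
$store->pair('instb', $idp);                         // second institution reuses it
$store->unpair('insta');                             // file kept: instb still uses it
$store->unpair('instb');                             // last user gone: file deleted
var_dump(is_file($store->pathFor($idp)));
```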

