Posts tagged ‘idp’

Issues in Shibboleth IdP 2.1.0

November 4, 2008, 14:42

There are some other issues in the new version of Shibboleth IdP. Though, they may be too specific, to affect the wider audience.

Due to a bug, it is not possible to set the maximum number of results returned by the LDAP DataConnector. The value of the corresponding attriubute maxResultSize is being ignored and the default value of 1 is used instead:

https://bugs.internet2.edu/jira/browse/SIDP-246

Normally it is a desired behaviour – one result set per user. But in case of a secondary connector used for gathering additional information like, for example, group information, more results may be expected. So if you use such connectors, do not upgrade to 2.1.0 until there is a fix.

The second issue is rather small and affects only IdPs using the UserPassword authentication handler with a custom login page. The Java API has been changed, so you need to replace all request.getParameter() calls with request.getAttribute() in your templates (login.jsp).

Tags: , , , ,
Category: Shibboleth  |  Comment

Shibboleth IdP 2.1 is out

November 3, 2008, 17:40

A new version of Shibboleth Identity Provider is available. It fixes a vulnerability in the UsernamePassword login handler, but it contains some new features as well. Obviously, the new version was released in a hurry, because there are some issues with the installer – apparently it overwrites the old configuration even if the user selects no to. A new installer is being planned for the next release.

Continue reading ‘Shibboleth IdP 2.1 is out’ »

Tags: , ,
Category: Shibboleth  |  Comment