lastpass / jira-saml Goto Github PK
View Code? Open in Web Editor NEWSAML plugin for JIRA
License: Apache License 2.0
SAML plugin for JIRA
License: Apache License 2.0
According to the SAML specification it's not mandatory to have the "SessionOnOrAfter" attribute within the "AuthnStatement" though the plugin code checks for that. Add it by modifying the buildSAMLAssertion method in ResponseBuilder class.
java.lang.NullPointerException
org.opensaml.xml.signature.SignatureValidator.buildSignature(SignatureValidator.java:92)
org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:56)
com.lastpass.saml.SAMLClient.validate(SAMLClient.java:171)
com.lastpass.saml.SAMLClient.validateResponse(SAMLClient.java:429)
com.lastpass.jira.SAMLAuthenticator.getUser(SAMLAuthenticator.java:195)
Not sure what to do with jira.home.dir
Any chance this can be added to Jira addon directory?
Hello. Are there any plans to make an installer available for JIRA users that self-host on Windows? Perhaps a powershell script?
Thanks, Andrew.
The SSO URL constructor assumes the SSO base URL has no query. Patch below:
diff --git a/src/com/lastpass/jira/SAMLAuthenticator.java b/src/com/lastpass/jira/SAMLAuthenticator.java
index d2aa6ee..251deb5 100644
--- a/src/com/lastpass/jira/SAMLAuthenticator.java
+++ b/src/com/lastpass/jira/SAMLAuthenticator.java
@@ -128,8 +128,11 @@ public class SAMLAuthenticator extends JiraSeraphAuthenticator
try {
String authrequest = client.generateAuthnRequest(requestId);
String url = client.getIdPConfig().getLoginUrl();
- url = url +
- "?SAMLRequest=" + URLEncoder.encode(authrequest, "UTF-8");
+ String sep = "?";
+ if (url.indexOf("?") > -1)
+ sep = "&";
+ url = url + sep +
+ "SAMLRequest=" + URLEncoder.encode(authrequest, "UTF-8");
if (relayState != null)
url += "&RelayState=" + URLEncoder.encode(relayState, "UTF-8");
Hi.,
After install the plugin we are getting an issue when try to access to the ServiceDesk direct link when the user is not logged:
404null for uri: http://jira.example.com/rest/servicedesk/1/saml_login.jsp?os_destination=%2Fservicedesk%2Fcustomer%2Fportals
If the user is logged then everything is OK.
Regards
It appears SAMLAuthenticator.generatePassword(int)
does not use the same probability for all chars:
jira-saml/src/com/lastpass/jira/SAMLAuthenticator.java
Lines 112 to 122 in 52f4b62
There are 72 chars but a char is picked using effectively random(0, 255) % 72
. Therefore the first 40 (= 256 % 72) chars are picked with a probability of 4/7, while the remaining 32 chars are picked with a probability of 3/7.
Though this is likely not that dramatic.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.