Project

General

Profile

Actions
Copy link

Defect #2767

closed

SSO: Redundant token generated for public configuration endpoint, when SSO is enabled

Added by Radek Tomiška over 3 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Low
Assignee:
Radek Tomiška
Category:
Authentication / Authorization
Target version:
11.0.0
Start date:
04/20/2021
Due date:
% Done:

100%

Estimated time:
Affected versions:
Lapis (8.2.0)
Owner:

Description

Redundant authentication token is generated, when public configurations are requested and SSO is configured. Original token is not sent from FE, when configurations are requested.

Related issues

Related to IdStory Identity Manager - Task #1095: Support Single-Sign-OnClosedAlena Peterová05/14/2018

Actions
Related to IdStory Identity Manager - Defect #1572: Logon attempts exceeded with SSOClosedRadek Tomiška03/21/2019

Actions
Actions
Copy link
 #1

Updated by Radek Tomiška over 3 years ago

  • Related to Task #1095: Support Single-Sign-On added
Actions
Copy link
 #2

Updated by Radek Tomiška over 3 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 0 to 90

Available token is used for request public configuration now.

Commit:
https://github.com/bcvsolutions/CzechIdMng/commit/f9a279cf0f2ff0e8a5f63d20dc048aaddc848b48

Could you provide me a feedback, please?

Note: This behavior was there from the first IdM version, but affects SSO only (~ relation to #1095, but it's not a cause).

Actions
Copy link
 #3

Updated by Vít Švanda over 3 years ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Vít Švanda to Radek Tomiška
  • % Done changed from 90 to 100

I did reivew and tested it under local SSO. No additional token is generating after hard FE reload (F5) now. Thanks for this fix.

Actions
Copy link
 #4

Updated by Radek Tomiška over 3 years ago

  • Status changed from Resolved to Closed
Actions
Copy link
 #5

Updated by Radek Tomiška over 3 years ago

  • Status changed from Closed to In Progress
  • % Done changed from 100 to 50
Actions
Copy link
 #6

Updated by Radek Tomiška over 3 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 50 to 90

Check expired token in extend expiration filter is ignored on public endpoints now, commit:
https://github.com/bcvsolutions/CzechIdMng/commit/5bf7d6f19a5ae9faec69bda2ead34ce2389e95ec

Could you provide me a feedback again, please?

Actions
Copy link
 #7

Updated by Vít Švanda over 3 years ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Vít Švanda to Radek Tomiška
  • % Done changed from 90 to 100

I retested it. Token expiration and logout works correctly. LGTM

Actions
Copy link
 #8

Updated by Radek Tomiška over 3 years ago

  • Status changed from Resolved to Closed
Actions
Copy link
 #9

Updated by Radek Tomiška over 3 years ago

  • Related to Defect #1572: Logon attempts exceeded with SSO added
Actions
Copy link

Also available in: Atom PDF