Defect #2767: SSO: Redundant token generated for public configuration endpoint, when SSO is enabled - IdStory Identity Manager

Custom queries

Product defect list
Product feature list
UX_2020

Actions

Copy link

Defect #2767

closed

SSO: Redundant token generated for public configuration endpoint, when SSO is enabled

Added by Radek Tomiška over 3 years ago. Updated over 3 years ago.

Status:

Closed

Priority:

Low

Assignee:

Radek Tomiška

Category:

Authentication / Authorization

Target version:

11.0.0

Start date:

04/20/2021

Due date:

% Done:

100%

Estimated time:

Affected versions:

Lapis (8.2.0)

Owner:

Description

Redundant authentication token is generated, when public configurations are requested and SSO is configured. Original token is not sent from FE, when configurations are requested.

Related issues

Related to IdStory Identity Manager - Task #1095: Support Single-Sign-On

Closed

Alena Peterová

05/14/2018

Actions

Related to IdStory Identity Manager - Defect #1572: Logon attempts exceeded with SSO

Closed

Radek Tomiška

03/21/2019

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Related to Task #1095: Support Single-Sign-On added

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Status changed from In Progress to Needs feedback
Assignee changed from Radek Tomiška to Vít Švanda
% Done changed from 0 to 90

Available token is used for request public configuration now.

Commit:
https://github.com/bcvsolutions/CzechIdMng/commit/f9a279cf0f2ff0e8a5f63d20dc048aaddc848b48

Could you provide me a feedback, please?

Note: This behavior was there from the first IdM version, but affects SSO only (~ relation to #1095, but it's not a cause).

Actions

Copy link

Updated by Vít Švanda over 3 years ago

Status changed from Needs feedback to Resolved
Assignee changed from Vít Švanda to Radek Tomiška
% Done changed from 90 to 100

I did reivew and tested it under local SSO. No additional token is generating after hard FE reload (F5) now. Thanks for this fix.

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Status changed from Closed to In Progress
% Done changed from 100 to 50

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Status changed from In Progress to Needs feedback
Assignee changed from Radek Tomiška to Vít Švanda
% Done changed from 50 to 90

Check expired token in extend expiration filter is ignored on public endpoints now, commit:
https://github.com/bcvsolutions/CzechIdMng/commit/5bf7d6f19a5ae9faec69bda2ead34ce2389e95ec

Could you provide me a feedback again, please?

Actions

Copy link

Updated by Vít Švanda over 3 years ago

Status changed from Needs feedback to Resolved
Assignee changed from Vít Švanda to Radek Tomiška
% Done changed from 90 to 100

I retested it. Token expiration and logout works correctly. LGTM

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Status changed from Resolved to Closed

Actions

Copy link

Updated by Radek Tomiška over 3 years ago

Related to Defect #1572: Logon attempts exceeded with SSO added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

IdStory Identity Manager

Custom queries

Defect #2767

SSO: Redundant token generated for public configuration endpoint, when SSO is enabled

Updated by Radek Tomiška over 3 years ago

Updated by Radek Tomiška over 3 years ago

Updated by Vít Švanda over 3 years ago

Updated by Radek Tomiška over 3 years ago

Updated by Radek Tomiška over 3 years ago

Updated by Radek Tomiška over 3 years ago

Updated by Vít Švanda over 3 years ago

Updated by Radek Tomiška over 3 years ago

Updated by Radek Tomiška over 3 years ago