mahara-contributors team mailing list archive

Thread
Date

[Bug 1704887] Re: Add signature.algorithm as config field in the SAML configuration

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date: Thu, 21 Sep 2017 22:29:14 -0000
Reply-to: Bug 1704887 <1704887@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: mahara
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1704887

Title:
  Add signature.algorithm as config field in the SAML configuration

Status in Mahara:
  Fix Committed

Bug description:
  The default SAML implementation only supports SHA1 at the moment. Some
  IDPs do not allow that anymore. Therefore, a SAML config would need to
  get a line added manually:

  htdocs/auth/saml/config/config.php inside the config array, add
  the following line

  'signature.algorithm' =>
  'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';

  It would be better if that was more configurable directly on the
  front-end rather than in core code.

  That field could be added to
  /admin/extensions/pluginconfig.php?plugintype=auth&pluginname=saml

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1704887/+subscriptions

References

[Bug 1704887] [NEW] Add signature.algorithm as config field in the SAML configuration
From: Kristina Hoeppner, 2017-07-17