mahara-contributors team mailing list archive

Thread
Date

[Bug 1829108] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <1829108@xxxxxxxxxxxxxxxxxx>
Date: Tue, 21 Jul 2020 20:13:30 -0000
Reply-to: Bug 1829108 <1829108@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://reviews.mahara.org/11038
Committed: https://git.mahara.org/mahara/mahara/commit/a795d53266563f847eda2e4e09d9459cdaad5cf5
Submitter: Robert Lyon (robertl@xxxxxxxxxxxxxxx)
Branch:    master

commit a795d53266563f847eda2e4e09d9459cdaad5cf5
Author: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date:   Tue Jun 23 17:30:58 2020 +1200

Bug 1829108: Allow saml auth admin to set private key passphrase

Rather than just relying on the site name

Change-Id: I06e007b5a0ebe6f4dc7159ae3d60f6050c981828
Signed-off-by: Robert Lyon <robertl@xxxxxxxxxxxxxxx>

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1829108

Title:
  Changing the display name of the site shouldn't break the SAML private
  key pass

Status in Mahara:
  Fix Committed

Bug description:
  If we change the site name for a site that uses SAML it breaks the
  ability to login via SAML

  We can roll the certificates and delete old ones to fix this problem
  but it means the IdPs will need to update their info about the SP
  certificate so no one can log in until this is done.

  We should have a static SAML private key that is part of the saml auth
  plugin rather than rely on site name

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1829108/+subscriptions

References

[Bug 1829108] [NEW] Changing the display name of the site shouldn't break the SAML private key pass
From: Robert Lyon, 2019-05-15