SAML: replace first number with random alphabet if request ID starts with a number by weizhouapache · Pull Request #6165 · apache/cloudstack

weizhouapache · 2022-03-25T13:36:38Z

Description

This PR fixes #5548

Types of changes

Breaking change (fix or feature that would cause existing functionality to change)
New feature (non-breaking change which adds functionality)
Bug fix (non-breaking change which fixes an issue)
Enhancement (improves an existing feature and functionality)
Cleanup (Code refactoring and cleanup, that may add test cases)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

Major
Minor

Bug Severity

Screenshots (if appropriate):

How Has This Been Tested?

…with a number

nvazquez · 2022-03-25T14:44:50Z

@blueorangutan package

blueorangutan · 2022-03-25T14:46:03Z

@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

yadvr · 2022-03-25T15:03:39Z

 public class SAMLUtils {
    public static final Logger s_logger = Logger.getLogger(SAMLUtils.class);

+    static final String charset = "abcdefghijklmnopqrstuvwxyz";


should we also have A-Z (i.e. a-z in upper case too) @weizhouapache ?

@rohityadavcloud
I have checked hundreds of request IDs, all are composed by digits (0 to 9) or lower case alphabet (a to z).

blueorangutan · 2022-03-25T15:27:13Z

Packaging result: ✔️ el7 ✔️ el8 ✔️ debian ✔️ suse15. SL-JID 2986

nvazquez · 2022-03-25T15:50:59Z

@blueorangutan test

blueorangutan · 2022-03-25T15:52:02Z

@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

blueorangutan · 2022-03-26T02:09:07Z

Trillian test result (tid-3727)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 35587 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6165-t3727-kvm-centos7.zip
Smoke tests completed. 77 look OK, 2 have errors
Only failed tests results shown below:

Test	Result	Time (s)	Test File
test_01_add_primary_storage_disabled_host	`Error`	0.75	test_primary_storage.py
test_01_primary_storage_nfs	`Error`	0.13	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	`Error`	0.22	test_primary_storage.py
test_03_deploy_and_scale_kubernetes_cluster	`Failure`	32.09	test_kubernetes_clusters.py
test_07_deploy_kubernetes_ha_cluster	`Failure`	51.34	test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster	`Failure`	31.99	test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster	`Failure`	0.04	test_kubernetes_clusters.py
ContextSuite context=TestKubernetesCluster>:teardown	`Error`	76.89	test_kubernetes_clusters.py

weizhouapache · 2022-03-29T08:09:36Z

@blueorangutan test

yadvr · 2022-03-29T10:38:45Z

@blueorangutan test

blueorangutan · 2022-03-29T10:39:03Z

@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

blueorangutan · 2022-03-29T19:55:02Z

Trillian test result (tid-3750)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 31981 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6165-t3750-kvm-centos7.zip
Smoke tests completed. 92 look OK, 0 have errors
Only failed tests results shown below:

Test	Result	Time (s)	Test File

nvazquez

LGTM

kohrar · 2022-03-30T05:16:01Z

That looks great. Thank-you for implementing the fix, @weizhouapache.

…with a number (apache#6165) (cherry picked from commit ee27708) Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

SAML: replace first number with random alphabet if request ID starts …

3720fe7

…with a number

weizhouapache added this to the 4.17.0.0 milestone Mar 25, 2022

weizhouapache linked an issue Mar 25, 2022 that may be closed by this pull request

SAML2 authentication with MS Azure AD intermittently fails with error AADSTS7500529 #5548

Closed

nvazquez added type:bug component:saml labels Mar 25, 2022

yadvr reviewed Mar 25, 2022

View reviewed changes

weizhouapache marked this pull request as ready for review March 29, 2022 08:09

weizhouapache requested review from Pearl1594 and nvazquez March 29, 2022 08:09

yadvr approved these changes Mar 29, 2022

View reviewed changes

nvazquez approved these changes Mar 30, 2022

View reviewed changes

nvazquez merged commit ee27708 into apache:4.16 Mar 30, 2022

weizhouapache deleted the 4.16-fix-saml-request-id branch December 9, 2022 08:32

Conversation

weizhouapache commented Mar 25, 2022

Description

Types of changes

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

Bug Severity

Screenshots (if appropriate):

How Has This Been Tested?

Uh oh!

nvazquez commented Mar 25, 2022

Uh oh!

blueorangutan commented Mar 25, 2022

Uh oh!

yadvr Mar 25, 2022

Choose a reason for hiding this comment

Uh oh!

weizhouapache Mar 25, 2022

Choose a reason for hiding this comment

Uh oh!

blueorangutan commented Mar 25, 2022

Uh oh!

nvazquez commented Mar 25, 2022

Uh oh!

blueorangutan commented Mar 25, 2022

Uh oh!

blueorangutan commented Mar 26, 2022

Uh oh!

weizhouapache commented Mar 29, 2022

Uh oh!

yadvr commented Mar 29, 2022

Uh oh!

blueorangutan commented Mar 29, 2022

Uh oh!

blueorangutan commented Mar 29, 2022

Uh oh!

nvazquez left a comment

Choose a reason for hiding this comment

Uh oh!

kohrar commented Mar 30, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants