Menu
▾
▴
unity-idm-discuss
|
From: Sander A. <sa....@fz...> - 2025-08-27 09:57:38
Attachments:
smime.p7s
|
Dear Krzysztof, dear Roman, one of our colleagues wants to connect Open edX via SAML. Open edX send the AttributeConsumingServiceIndex in the AuthN request, which is not supported by unity. At the moment it returns this to as message to the SP. Since the AtributeConsumingServiceIndex may be just ignored by the IdPs, is there any possibility to make unity ignoring this instead of returning the error message? I can understand that there are reasons to return the error message instead of just ignoring it. If not would it be an option to make this configurable by administrators? Best regards, Sander -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Dr. Stephanie Bauer (stellvertretende Vorsitzende), Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2025-08-29 11:01:46
|
Dear Sander, We've analyzed the issue of AttributeConsumingServiceIndex in the context of SAML and the specification. Our initial thoughts are that ignoring this parameter by default might be incorrect, as there are conditions under which it should not be omitted. We are leaning towards introducing a configuration option that would allow administrators to decide how to handle this index. Implementing full AttributeConsumingService selection is a much larger scope of work, which is not currently on our roadmap. I would like to ask how urgent this matter is for you? Would a solution delivered as part of a regular update be acceptable to you? Best regards, Roman śr., 27 sie 2025 o 11:57 Sander Apweiler <sa....@fz...> napisał(a): > Dear Krzysztof, > dear Roman, > > one of our colleagues wants to connect Open edX via SAML. Open edX send > the AttributeConsumingServiceIndex in the AuthN request, which is not > supported by unity. At the moment it returns this to as message to the > SP. Since the AtributeConsumingServiceIndex may be just ignored by the > IdPs, is there any possibility to make unity ignoring this instead of > returning the error message? I can understand that there are reasons to > return the error message instead of just ignoring it. If not would it > be an option to make this configurable by administrators? > > Best regards, > Sander > > -- > Large-Scale Data Science > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Jülich GmbH > 52425 Jülich > Sitz der Gesellschaft: Jülich > Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Stefan Müller > Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), > Dr. Stephanie Bauer (stellvertretende Vorsitzende), > Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2025-09-01 06:42:48
Attachments:
smime.p7s
|
Dear Roman, delivered as part of a regular update would be fine for us. Thank you very much. Sander On Fri, 2025-08-29 at 12:30 +0200, Roman Krysiński wrote: > Dear Sander, > > We've analyzed the issue of AttributeConsumingServiceIndex in the > context of SAML and the specification. > > Our initial thoughts are that ignoring this parameter by default > might be incorrect, as there are conditions under which it should not > be omitted. > > We are leaning towards introducing a configuration option that would > allow administrators to decide how to handle this index. Implementing > full AttributeConsumingService selection is a much larger scope of > work, which is not currently on our roadmap. > > I would like to ask how urgent this matter is for you? Would a > solution delivered as part of a regular update be acceptable to you? > > Best regards, > Roman > > śr., 27 sie 2025 o 11:57 Sander Apweiler <sa....@fz...> > napisał(a): > > Dear Krzysztof, > > dear Roman, > > > > one of our colleagues wants to connect Open edX via SAML. Open edX > > send > > the AttributeConsumingServiceIndex in the AuthN request, which is > > not > > supported by unity. At the moment it returns this to as message to > > the > > SP. Since the AtributeConsumingServiceIndex may be just ignored by > > the > > IdPs, is there any possibility to make unity ignoring this instead > > of > > returning the error message? I can understand that there are > > reasons to > > return the error message instead of just ignoring it. If not would > > it > > be an option to make this configurable by administrators? > > > > Best regards, > > Sander > > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Dr. Stephanie Bauer (stellvertretende Vorsitzende), Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
|
From: Roman K. <ro...@un...> - 2025-09-03 05:09:59
|
Dear Sander, I'm assuming the problem is manifesting as an error log record. Would it be possible to provide an exception from unity log? Thank you, Roman pon., 1 wrz 2025 o 08:42 Sander Apweiler <sa....@fz...> napisał(a): > Dear Roman, > delivered as part of a regular update would be fine for us. > > Thank you very much. > Sander > > On Fri, 2025-08-29 at 12:30 +0200, Roman Krysiński wrote: > > Dear Sander, > > > > We've analyzed the issue of AttributeConsumingServiceIndex in the > > context of SAML and the specification. > > > > Our initial thoughts are that ignoring this parameter by default > > might be incorrect, as there are conditions under which it should not > > be omitted. > > > > We are leaning towards introducing a configuration option that would > > allow administrators to decide how to handle this index. Implementing > > full AttributeConsumingService selection is a much larger scope of > > work, which is not currently on our roadmap. > > > > I would like to ask how urgent this matter is for you? Would a > > solution delivered as part of a regular update be acceptable to you? > > > > Best regards, > > Roman > > > > śr., 27 sie 2025 o 11:57 Sander Apweiler <sa....@fz...> > > napisał(a): > > > Dear Krzysztof, > > > dear Roman, > > > > > > one of our colleagues wants to connect Open edX via SAML. Open edX > > > send > > > the AttributeConsumingServiceIndex in the AuthN request, which is > > > not > > > supported by unity. At the moment it returns this to as message to > > > the > > > SP. Since the AtributeConsumingServiceIndex may be just ignored by > > > the > > > IdPs, is there any possibility to make unity ignoring this instead > > > of > > > returning the error message? I can understand that there are > > > reasons to > > > return the error message instead of just ignoring it. If not would > > > it > > > be an option to make this configurable by administrators? > > > > > > Best regards, > > > Sander > > > > > -- > Large-Scale Data Science > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Jülich GmbH > 52425 Jülich > Sitz der Gesellschaft: Jülich > Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Stefan Müller > Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), > Dr. Stephanie Bauer (stellvertretende Vorsitzende), > Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
|
From: Sander A. <sa....@fz...> - 2025-09-03 05:25:14
Attachments:
smime.p7s
AttributeConsumingServiceIndex.log
|
Dear Roman, please find the log attached. Best regards, Sander On Wed, 2025-09-03 at 07:09 +0200, Roman Krysiński wrote: > Dear Sander, > > I'm assuming the problem is manifesting as an error log record. > Would it be possible to provide an exception from unity log? > > Thank you, > Roman > > pon., 1 wrz 2025 o 08:42 Sander Apweiler <sa....@fz...> > napisał(a): > > Dear Roman, > > delivered as part of a regular update would be fine for us. > > > > Thank you very much. > > Sander > > > > On Fri, 2025-08-29 at 12:30 +0200, Roman Krysiński wrote: > > > Dear Sander, > > > > > > We've analyzed the issue of AttributeConsumingServiceIndex in the > > > context of SAML and the specification. > > > > > > Our initial thoughts are that ignoring this parameter by default > > > might be incorrect, as there are conditions under which it should > > > not > > > be omitted. > > > > > > We are leaning towards introducing a configuration option that > > > would > > > allow administrators to decide how to handle this index. > > > Implementing > > > full AttributeConsumingService selection is a much larger scope > > > of > > > work, which is not currently on our roadmap. > > > > > > I would like to ask how urgent this matter is for you? Would a > > > solution delivered as part of a regular update be acceptable to > > > you? > > > > > > Best regards, > > > Roman > > > > > > śr., 27 sie 2025 o 11:57 Sander Apweiler > > > <sa....@fz...> > > > napisał(a): > > > > Dear Krzysztof, > > > > dear Roman, > > > > > > > > one of our colleagues wants to connect Open edX via SAML. Open > > > > edX > > > > send > > > > the AttributeConsumingServiceIndex in the AuthN request, which > > > > is > > > > not > > > > supported by unity. At the moment it returns this to as message > > > > to > > > > the > > > > SP. Since the AtributeConsumingServiceIndex may be just ignored > > > > by > > > > the > > > > IdPs, is there any possibility to make unity ignoring this > > > > instead > > > > of > > > > returning the error message? I can understand that there are > > > > reasons to > > > > return the error message instead of just ignoring it. If not > > > > would > > > > it > > > > be an option to make this configurable by administrators? > > > > > > > > Best regards, > > > > Sander > > > > > > -- Large-Scale Data Science Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Jülich GmbH 52425 Jülich Sitz der Gesellschaft: Jülich Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Stefan Müller Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), Dr. Stephanie Bauer (stellvertretende Vorsitzende), Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X