
This queue is for tickets about the Net-SAML2 CPAN distribution.

Report information
The Basics
Id: 100970
Status: resolved
Priority: 0/
Queue: Net-SAML2

People
Owner: TIMLEGGE [...] cpan.org
Requestors: bitcard [...] 32ths.com
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 0.17
Fixed in: 0.20



Subject: Fields required by Net::SAML2 that are not required by spec
When attempting to create a new Net::SAML2::IdP object with my IDP metadata, Net::SAML2 requires a SingleLogout location (slo_url) and an ArtifactResolution URL (art_urls). These fields should not be required as they are not required by spec. For instance, using HTTP POST Bindings, we do not have/need an artifact resolution url. We also do not provide a single logout url via the idp. This makes the module too stringent for our environment without maintaining a fork of Net::SAML2. I switched the objects to Maybe[HashRef[Str]].

I don't see a public repo for the module, I see a couple of your perl modules on github under chrisa though.

Thanks for the module, glad I don't have to start from scratch. Thanks for it.

- Mike

p.s. are you still maintaining this module? I don't see NEEDHELP or ADOPTME so I presume so?

NameID child element of AuthnRequest is also optional according to the spec, however it is enforced by Net::SAML2. I'm using http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf as a reference, so hopefully that is a valid resource. It seems authoritative. Thanks! - Mike
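
An added example, not part of the ticket and not Net::SAML2's own code, of the behaviour requested above: IdP metadata is accepted when it publishes only a SingleSignOnService, and the logout and artifact endpoints are held as `Maybe[HashRef[Str]]`. The package `Example::IdPMetadata`, its methods and the sample metadata are assumptions made for illustration; it needs Moose and XML::LibXML.

```perl
# Added example, not Net::SAML2 code. Package and method names are hypothetical.
use strict; use warnings;

package Example::IdPMetadata;
use Moose;
use XML::LibXML;
# The metadata schema requires SingleSignOnService in IDPSSODescriptor;
# SingleLogoutService and ArtifactResolutionService may be absent.
has sso_urls => (is => 'ro', isa => 'HashRef[Str]',        required => 1);
has slo_urls => (is => 'ro', isa => 'Maybe[HashRef[Str]]', default  => undef);
has art_urls => (is => 'ro', isa => 'Maybe[HashRef[Str]]', default  => undef);

sub new_from_xml {
    my ($class, $xml) = @_;
    my $doc = XML::LibXML->load_xml(string => $xml, no_network => 1, expand_entities => 0);
    my $xpc = XML::LibXML::XPathContext->new($doc);
    $xpc->registerNs(md => 'urn:oasis:names:tc:SAML:2.0:metadata');
    my %found;    # element name => { binding URI => location }
    for my $kind (qw(SingleSignOnService SingleLogoutService ArtifactResolutionService)) {
        for my $node ($xpc->findnodes("//md:IDPSSODescriptor/md:$kind")) {
            my ($binding, $location) = map { $node->getAttribute($_) } qw(Binding Location);
            $found{$kind}{$binding} = $location if defined $binding && defined $location;
        }
    }
    die "IdP metadata has no SingleSignOnService endpoint\n" unless $found{SingleSignOnService};
    return $class->new(
        sso_urls => $found{SingleSignOnService},
        slo_urls => $found{SingleLogoutService},          # undef when not published
        art_urls => $found{ArtifactResolutionService},    # undef when not published
    );
}

# Optional endpoints: undef means the IdP does not offer that service.
sub slo_url { my ($self, $binding) = @_; return ($self->slo_urls // {})->{$binding} }
sub art_url { my ($self, $binding) = @_; return ($self->art_urls // {})->{$binding} }

package main;
# Constructed sample: an IdP that publishes an HTTP-POST SSO endpoint and nothing else.
my $post = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST';
my $xml  = <<"XML";
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.example.test/">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="$post" Location="https://idp.example.test/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
XML
my $idp = Example::IdPMetadata->new_from_xml($xml);
printf "sso: %s\n", $idp->sso_urls->{$post};
printf "slo: %s\n", $idp->slo_url($post) // '(not published)';
printf "art: %s\n", $idp->art_url($post) // '(not published)';
```

Code that starts a logout or artifact resolution should test these accessors for `undef` first and skip the operation when the IdP does not publish the endpoint.
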
On 2014-12-17 16:12:34, xmikew wrote:
> When attempting to create a new Net::SAML2::IdP object with my IDP
> metadata, Net::SAML2 requires a SingleLogout location (slo_url) and an
> ArtifactResolution URL (art_urls).

I hit the art_urls being optional and have modified my local copy.

Chris, you open to a pull request with this change in?

Cheers,
Neil

On Mon Jun 27 06:29:59 2016, NEILB wrote:
> On 2014-12-17 16:12:34, xmikew wrote:
> > When attempting to create a new Net::SAML2::IdP object with my IDP
> > metadata, Net::SAML2 requires a SingleLogout location (slo_url) and an
> > ArtifactResolution URL (art_urls).
>
> I hit the art_urls being optional and have modified my local copy.
>
> Chris, you open to a pull request with this change in?
>
> Cheers,
> Neil

Hi Neil,

I tried to get in contact with CHRISA through email and here but could not raise him... I've been maintaining a fork of his Net::SAML2 in my github and have been using it in production successfully.

https://github.com/xmikew/perl-Net-SAML2

If you want to compare the differences. I had to merge a couple of his branches and add some more mods to get it to work with our internal IDP but overall seems solid for the last few years. I haven't needed to change it for a while.

Thanks much,

- Mike

On Fri Aug 19 14:13:38 2016, xmikew wrote:
> On Mon Jun 27 06:29:59 2016, NEILB wrote:
> > On 2014-12-17 16:12:34, xmikew wrote:
> > > When attempting to create a new Net::SAML2::IdP object with my IDP
> > > metadata, Net::SAML2 requires a SingleLogout location (slo_url) and an
> > > ArtifactResolution URL (art_urls).
> >
> > I hit the art_urls being optional and have modified my local copy.
> >
> > Chris, you open to a pull request with this change in?
> >
> > Cheers,
> > Neil
>
> Hi Neil,
>
> I tried to get in contact with CHRISA through email and here but could
> not raise him... I've been maintaining a fork of his Net::SAML2 in my
> github and have been using it in production successfully.
>
> https://github.com/xmikew/perl-Net-SAML2
>
> If you want to compare the differences. I had to merge a couple of
> his branches and add some more mods to get it to work with our
> internal IDP but overall seems solid for the last few years. I haven't
> needed to change it for a while.
>
> Thanks much,
>
> - Mike

Hi Mike,

I was recently added as a Maintainer for this module and I intend to make a release in the near future. My repo is at https://github.com/timlegge/perl-Net-SAML2 and is based on your repo with some additional changes. If you are still using it and want to compare your repo to mine, feel free to send me a merge request.

Tim