Using the server's basePath when building the SAML ACS #51391
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@elasticmachine merge upstream |
kobelb
added
release_note:skip
💔 Build Failed |
💔 Build Failed |
azasypkin
added
Feature:Security/Authentication
|
Pinging @elastic/kibana-security (Team:Security) |
|
@elasticmachine merge upstream |
💔 Build Failed |
|
CI failure: |
|
ACK: reviewing |
|
@elasticmachine merge upstream |
💚 Build Succeeded |
kobelb
added a commit
to kobelb/kibana
that referenced
this pull request
Nov 25, 2019
* Using the server's basePath when building the SAML ACS * Fixing getACS call
kobelb
added a commit
that referenced
this pull request
Nov 25, 2019
kobelb
added
release_note:fix
and removed
release_note:skip
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously, we were using the request's basePath when building the ACS. This would cause the space prefix to be included when building the ACS. This isn't an issue when using
xpack.security.authc.saml.realm, only when using the deprecatedxpack.security.public.*settings.This was accidentally and indirectly fixed by #44513 because the even more complicated (but improved) SAML dance redirects the user to
/${serverBasePath}/api/security/saml/startbefore starting the SAML authentication. However, I didn't want to rely on this incase something else changes.Resolves #51337
"Release Note: Resolving SAML bug when building the ACS when
xpack.security.public.*settings are used and aserver.basePathare configured"