Skip to content

Solve issue 3226 #3234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
strehle merged 2 commits into from
Feb 2, 2025
Merged

Solve issue 3226 #3234

strehle merged 2 commits into from
Feb 2, 2025

Conversation

@strehle
Copy link
Member

@strehle strehle commented Jan 16, 2025

No description provided.

@strehle strehle linked an issue Jan 16, 2025 that may be closed by this pull request
SAML "invalid destination" error message should include location, as well as destination #3226
Closed
@strehle strehle requested a review from duanemay January 16, 2025 10:35
@strehle strehle mentioned this pull request Jan 16, 2025
Closed
@duanemay
Copy link
Member

duanemay commented Jan 16, 2025

The issue seems to be that when UAA is running on a standard port :80 or :443 and that port is included in the metadata. The destination within the SAML response includes the port, but the location from the relying party registration does not. Therefore the comparison does not match and authentication fails.

@aramprice
Copy link
Member

aramprice commented Jan 16, 2025

Agreed that the default port stripping is probably at the root of this.

The purpose behind this change is to expose both of the elements being compared in the conditional so that it is clearer why this particular error is returned by UAA.

Having only half of the information in the error message makes it impossible to understand the root cause when this error occurs.

duanemay
duanemay approved these changes Jan 21, 2025
View reviewed changes
Copy link
Member

@duanemay duanemay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

debug info is fine, need to circle back on fix

@strehle strehle merged commit b6ec72f into develop Feb 2, 2025
22 checks passed
@strehle strehle deleted the fix/issue/3226 branch February 2, 2025 08:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@duanemay duanemay duanemay approved these changes

Assignees

No one assigned

Labels

None yet

Projects

Foundational Infrastructure Working Group
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SAML "invalid destination" error message should include location, as well as destination

3 participants

@strehle @duanemay @aramprice