  1. Couchbase Server
  2. MB-60030

SAML: Authentication crashes if invalid role is specified in assertion

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 7.6.0
    • 7.6.0
    • ns_server
    • Untriaged
    • 0
    • Unknown

    Description

      SAML assertion validation doesn't validate roles that come in SAML attributes well enough.
      It currently only checks that roles can be parsed (role syntax is ok), but doesn't check the semantics. For example, it doesn't check if roles have all required parameters.
      This can lead to a SAML authentication crash when those incorrect roles are used.
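
An added Python example (not ns_server code, which is Erlang) of the gap described above: a syntax-only parse accepts a role that a semantic check against the role definitions rejects, so the bad value is refused at validation time instead of failing later. The `name[param:param]` syntax, the `ROLE_DEFINITIONS` table and all function names are assumptions made for illustration.

```python
import re

# Hypothetical role table, constructed for this example (not ns_server's own):
# role name -> number of parameters the role requires.
ROLE_DEFINITIONS = {"admin": 0, "bucket_admin": 1, "data_reader": 3}

# Assumed role syntax: name, optionally followed by [param:param:...]
ROLE_SYNTAX = re.compile(r"([a-z_]+)(?:\[([^\[\]]*)\])?")


class InvalidRole(ValueError):
    """A role value that must not reach the authorization code."""


def parse_role(text):
    """Syntax-only check: return (name, params) or raise InvalidRole."""
    m = ROLE_SYNTAX.fullmatch(text.strip())
    if not m:
        raise InvalidRole(f"malformed role: {text!r}")
    name, raw = m.group(1), m.group(2)
    return name, (raw.split(":") if raw is not None else [])


def validate_role(text):
    """Syntax plus semantics: known role, right parameter count, no empty parameter."""
    name, params = parse_role(text)
    if name not in ROLE_DEFINITIONS:
        raise InvalidRole(f"unknown role: {name!r}")
    expected = ROLE_DEFINITIONS[name]
    if len(params) != expected or any(p == "" for p in params):
        raise InvalidRole(
            f"role {name!r} requires {expected} parameter(s), got {params!r}")
    return name, tuple(params)


def roles_from_assertion(attribute_values):
    """Validate every role attribute value; collect failures instead of raising."""
    accepted, rejected = [], []
    for value in attribute_values:
        try:
            accepted.append(validate_role(value))
        except InvalidRole as err:
            rejected.append((value, str(err)))
    return accepted, rejected
```

A caller can refuse the login with a normal authentication error whenever `rejected` is non-empty, and log the rejected values for the identity provider's administrator.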


            People

              shaazin.sheikh Shaazin Sheikh
              timofey.barmin Timofey Barmin