I would like to use the 'Scoping' and 'IDPList' options in the SAML authentication request in order to automatically select external IdP's from the applications.
Is this feature supported?
I'm afraid that the AuthnRequest currently neither support Scoping or IDPList. However, The AuthnRequest support NameIDPolicy, the code. You or someone else is welcome to add the support in a pull request. Then I'll look into it and add the support in a future release.
Related
Hey guys I need to know how we can disable kerberos authentication on ambari for solr & spark2 web consoles.
I'm getting the Error 401 - Unauthorized access.
I just want to get in the web consoles with no need for authentication.
I don't need Spnego too.
Please let me know if you need more information.
Best Regards,
André Santos
#Bedjase, This is just a hack. You can look (in ambari) at what was changed for each component, and their dependencies, then try to remove those configuration changes created by kerberizing the cluster. You may find its more than just those Solr and Spark. If you just change those two, it could break stuff in the cluster (zookeeper, Ambari-metrics, and more). This kind of change is also going to make the cluster not something that is supportable for future upgrades.
Our web app's user account has language setting. It is vital for having some email contents sent from the server side to be translated based on that setting.
However we would like to use Angular Translate's in-built determinePreferredLanguage feature (sniffing browser's locale/language) for the login page when the logged in user's account details are not yet available for the front-end app.
Anyone has a code snippet for this?
Using determinePreferredLanguage() method was indeed the solution for this issue, but my confusion was caused by a bug in the feature itself when used in combination with fallbackLanguage() method.
This bug has been fixed: https://github.com/angular-translate/angular-translate/issues/1368
new to Saml2, I want to use the Kentor AuthServices .net library for generating a Saml2 response, I have checked the output xml and I can't find any node for either "AttributeStatement" or "AuthnStatement".
Does anyone knows how can I deal with them on the library?
Cheers
H
The support in the Saml2Response class in Kentor.AuthServices for sending responses is very limited at the moment, so there is no support for AttributeStatement nor for AuthnStatement. Support for sending AttributeStatement has been added.
Support might be added in a future release, but the main focus of the Kentor.AuthServices library is to be service provider that receives and parses SAML2 responses. The identity provider functionality for sending saml2 responses is of much lower priority.
If you need it, please add an issue on GitHub to get it into the backlog, or implement the features yourself and send a pull request. Pull requests are always welcome :-)
in the official trigger.io docs there seems to be no provision for custom http headers when it comes to the forge.file module. I need this so I can download files behind an http authentication scheme. This seems like an easy thing to add, if support is not already there.
any workarounds? any chance of a quick fix in the next update? I know I could use forge.request instead, but I'd like to keep a local copy (saveURL).
thanks
Unfortunately the file module just uses simple "download url" methods rather than a full HTTP request library, which makes it a fairly big task to add support for custom headers.
I've added a task to our backlog for this, but I don't have a timeframe for it being added.
Currently on iOS you can do basic auth by using urls in the form http://user:password#url.com in case that helps.
Maybe to avoid this you can configure your server differently, or have a proxy server in front that allows you to pass authentication details as get parameters?
We have a Web Service client generated with CXF from a WSDL.
We now need to have an access to the generated SOAP requests in order to persist them.
It seems that the framework does not provide this behaviour by default.
Anyway do you guys ever tried to do such a thing?
I am thinking of building my own interceptor that can access to the fully generated message but maybe there is a better choice?
Any advice?
Thanks in advance.
By default CXF uses stax to stream your requests. If you add an interceptor, you can get access to the stax output writer and copy the events.
There is existing code in CXF to force the existence of a DOM tree; see code related to SAAJ and security.
In general, detailed CXF questions get better answers on the CXF user mailing list than here.