Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Please refrain from running ac_factory if not explicitly asked for

See original GitHub issue

I’ve been struggling with satosa failing internal atrribute mapping because pysaml2 had converted my incoming long SAML urn based attributes to shortnames before any custom attribute mapping was applied. This caused unexpected behaviour because I expected the internal mapping to be able to operate on original received long urn format attributes but was forced to map shortnames to internal representation instead. This is unexpected, non standard behaviour and should preferably be disabled unless explicitly requested by config parameter like e.g. use_ac_factory_map.

I fixed the problem by inserting a acs = [] just before _acs = self.getattr("attribute_converters", typ) in config.py@277 to simply circumvent the “No attribute converters” exception above.

Issue Analytics

State:
Created 6 years ago
Comments:6 (6 by maintainers)

Top GitHub Comments

1reaction

jkakavascommented, Jul 21, 2017

I see your point. For the time being, you can set the configuration option attribute_map_dir to an empty directory in order to produce an empty acs ( instead of overriding the code in config.py ).

The use of internal representations have been a conscious decision from @rohe AFAIK, but I would think that nothing breaks when no attribute maps are provided. ( Assuming the deployer knows that and i.e. filters on urn:oid values and/or uses these values in other software such as satosa ) . That would surely break some of our tests but we need to look into it.

I would suggest that we add a configuration parameter that allows for no attribute mapping instead of the “ugly hack” of providing an empty directory, PR’s are welcome.

0reactions

c00kiemon5tercommented, Dec 4, 2018

I am closing this, as it is tracked by #549

Top Results From Across the Web

CC Jukebox: I've Got The Style Of A Phoenix! | Curbside Classic

I'm not even a minute and a half into the song above, and the effect is powerful. I'm already envisioning a new-for-midyear-'77 Pontiac...

worst case exposure: Topics by Science.gov

Many systems can provide tremendous benefit if operating correctly, ... Despite the fact that worst-case scenario optimization did not explicitly account ...

IMCC Door Replacement - Iowa Bid Opportunities

This meeting is not mandatory but is highly recommended. ... The Bidder is specifically advised that any person, firm or other party to...

PROJECT MANUAL - Government Navigator

Work of the Project, unless a longer guarantee period is specifically called for in the Contract Documents. The Contractor shall.

Ex-teacher sentenced - UFDC Image Array 2

“This clearly is not for personal use, it was clearly to be trafficked in our community.” Hellenberg's attorney, Robert Chris-.