Changing the display name of the site shouldn't break the SAML private key pass
Bug #1829108 reported by
Robert Lyon
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Robert Lyon |
Bug Description
If we change the site name for a site that uses SAML it breaks the ability to login via SAML
We can roll the certificates and delete old ones to fix this problem but it means the IdPs will need to update their info about the SP certificate so no one can log in until this is done.
We should have a static SAML private key that is part of the saml auth plugin rather than rely on site name
Changed in mahara: | |
assignee: | nobody → Robert Lyon (robertl-9) |
Changed in mahara: | |
milestone: | none → 20.10.0 |
status: | In Progress → Fix Committed |
Changed in mahara: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Moodle has a specific setting for that password and it invalidates certificates when you change it. Also there is a proper description for users. Looks like we should go the same way.