Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-796

A feature to allow release user password as attribute

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.2.0
    • Component/s: Authentication
    • Labels:
      None
    • Environment:

      N/A

      Description

      In IdP v2 we use a ScriptedAttributeDefinition to release the
      password entered on the login page as an attribute:

      [...]
      userSubject = requestContext.getUserSession().getSubject();
      i =
      userSubject.getPrivateCredentials(edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordCredential).iterator();
      [...]

      (Background: we then encrypt the password before releasing it to an internal SP that
      requires it. It is then decrypted and used by the portal running on that
      SP to access and display a user's email and calendar events.)

      The .getUserSession() method has been ported to v3 but as an empty method that just logs a warning.

      Reference: http://shibboleth.1660669.n2.nabble.com/IdPv3-x-user-password-as-attribute-follow-up-tp7618163p7618167.html

        Attachments

          Activity

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            cgreiner@idp.protectnetwork.org cgreiner@idp.protectnetwork.org
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 45 minutes
                3h 45m