Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-982

computedid connector ignores leading and trailing white space in salt

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.1, 3.2.1
    • Fix Version/s: 3.3.0
    • Component/s: Attribute Resolver
    • Labels:
      None
    • Operating System:
      Multiple
    • Java Version:
      Oracle Java 8
    • Servlet Container:
      Jetty 9.2

      Description

      The computedid connector throws away any and all leading and/or trailing space characters in the salt value and calculates the hash as if they were not there. This can be seen in the IdP log. Reproduced in 3.2.1 and 3.1.1.

      For example, a log extract from 3.1.1:

      2016-05-03 15:53:10,852 - DEBUG [net.shibboleth.idp.attribute.resolver.spring.dc.BaseComputedIDDataConnectorParser:83] - Data Connector 'computedID': generated Attribute : 'computedID', sourceAttribute = 'uid', salt: '[98, 117, 110, 110, 105, 101, 115, 32, 98, 111, 117, 110, 99, 105, 110, 103, 32, 105, 110, 32, 102, 105, 101, 108, 100, 115, 32, 111, 102, 32, 104, 97, 112, 112, 105, 110, 101, 115, 115]'.

      But the value of the salt in attribute-resolver.xml is this:

      salt=" bunnies bouncing in fields of happiness ">

      This is different behaviour from v2.x, which makes it impossible as it stands for the same hash values to be maintained over a migration to v3.x if an affected salt value has been used.

        Attachments

          Activity

            People

            Assignee:
            rdw@iay.org.uk Rod Widdowson
            Reporter:
            shopkins@ed.ac.uk Sara Hopkins
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 3 hours Original Estimate - 3 hours
                3h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 30 minutes
                3h 30m