djangosaml2 | Django SAML2 Service Provider based on pySAML2 | Authentication library
Django SAML2 Service Provider based on pySAML2
Trending Discussions on djangosaml2
QUESTION
I am using djangosaml2 to authenticate my users. I've been using it for a long time now with no problem. I am currently in the process of upgrading Python and Django to newer versions and the authentication does not work any more. Using the logs, I see that the authentication in djangosaml2 is successful, but in my view, the request.user is anonymous user.
Here are the working and non-working library versions that I use:
Python: 2.7 --> 3.8
Django: 1.9 --> 1.11
djangosaml2: 0.17.2 (in both envs.)
pysaml2: 4.0.5 --> 6.5.1 (tested also with 4.0.5)
Additional Info:
I see that the call to /saml2/acs/ redirects to "/" (access to my site) and the response includes the session_id.
The next HTTP call - to "/" - includes the received session_id.
However, in the Dbase I do not see this session id. As the session id is not found in the Dbase, it is indeed considered as anonymous.
Any idea why the session id is not stored?
...ANSWER
Answered 2021-Jun-12 at 12:19
Ok, at last - I have a solution!
The problem arises as in saml2 I deleted the user's pwd in my post authenticate method (for some other reason). This pwd is not something the user is aware of and as such, no harm was done. Turns out that the library creates a password that is used for calculating the session hash code even though the user itself is not aware of this pwd. The session hash is calculated with this pwd. When compared with the calculated hash (based on user's deleted pwd) the result is False - causing the session to be flushed (and as there is no session, the user is anonymous).
This behavior is not new. Why did it work before, then?
In older Django versions, the get_user (in contrib.auth.__init__) used to check the hash with the following condition:
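An added example, not part of the original answer and not Django's or djangosaml2's code: a simplified, framework-free model of the mechanism the answer describes, where the session stores an HMAC of the user's stored password field and a later change to that field causes the session to be flushed. The `User` class, the `SECRET_KEY` value, the dict-based session and the HMAC derivation are constructed stand-ins.

```python
import hashlib
import hmac

SECRET_KEY = "constructed-demo-secret"  # stand-in for settings.SECRET_KEY
HASH_SESSION_KEY = "_auth_user_hash"    # session key that holds the hash


class User:
    """Minimal stand-in for a user row (illustrative only)."""

    def __init__(self, pk, password):
        self.pk = pk
        self.password = password  # stored password field, never the plaintext

    def get_session_auth_hash(self):
        # Simplified: HMAC keyed by the site secret over the stored password
        # field. The framework's real key derivation differs in detail.
        return hmac.new(SECRET_KEY.encode(), self.password.encode(),
                        hashlib.sha256).hexdigest()


def login(session, user):
    """Record the user id and the password-derived hash in the session."""
    session["_auth_user_id"] = user.pk
    session[HASH_SESSION_KEY] = user.get_session_auth_hash()


def get_user(session, users):
    """Return the session's user, or None (anonymous) after a flush."""
    user = users.get(session.get("_auth_user_id"))
    if user is None:
        return None
    stored = session.get(HASH_SESSION_KEY, "")
    if not hmac.compare_digest(stored, user.get_session_auth_hash()):
        session.clear()  # models request.session.flush()
        return None
    return user


def demo():
    """Log in, then wipe the password field as a post-login hook might."""
    users = {1: User(1, "!constructed-unusable-password")}
    session = {}
    login(session, users[1])
    before = get_user(session, users) is users[1]
    users[1].password = ""  # field changed after the hash was stored
    after = get_user(session, users)
    return before, after, session
```

The same invalidation is what logs a user out of other sessions after a password change, so a hook that must alter the password field needs to run before the session hash is stored or refresh the stored hash afterwards.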
QUESTION
For my Django application, I am trying to enable SSO using Djangosaml2 and following are the versions I am using
djangosaml2==1.2.0
pysaml2==7.0.0
djangorestframework==3.12.2
Django==3.1.7
python==3.8
My saml2_settings is as follows
...ANSWER
Answered 2021-Jun-07 at 13:30
I ended up doing the following two things, then it started working for me
Downgraded the djangosaml2 and pysaml version to 0.19.0 and 4.9.0 respectively.
For HTTPS connection, added SESSION_COOKIE_SECURE = True and for dev i.e. run server cases, SESSION_COOKIE_SECURE = False in your settings.py
QUESTION
I am trying to enable SAML in Hue™ 4.1 and have an error. The issue is the connection goes from https to http as the below setup: user --> https://hue.xyz.com:8889 --> LTM loadbalancer --> http://ip-addr:8889 (no SSL enabled in HUE).
The SAML IDP login page comes up and when trying to login HUE returns error: Bad Request (400). In the /var/log/hue/runcpserver.log I see below errors. The /saml2/metadata xml shows http not https in the ACS url. Any thoughts?
ANSWER
Answered 2019-Dec-24 at 15:53
This was resolved by adding the below in the Cloudera Manager Hue Service Advanced Configuration Snippet (Safety Valve) for hue_safety_valve.ini
QUESTION
I am trying to implement SAML2 SSO, I am getting an error saml2.sigver.SignatureError: Signature missing for response. I am using djangosaml2, in turn using pysaml2. It seems to hit an issue when looking for signature: https://github.com/IdentityPython/pysaml2/blob/master/src/saml2/sigver.py#L1648
Looks like it is trying to find the signature in the Response attributes, however my IDP returns no signature in the response attributes, however signature can be found in the response as its own element ns2:Signature.
Should I be asking my IDP to provide me a different response, or am I missing a configuration option on my side?
...ANSWER
Answered 2018-Dec-18 at 15:31
Following the comment by Bernhard, I needed to set "want_response_signed": False
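An added example, not part of the original answer or of pysaml2: a small audit of a pysaml2-style `SAML_CONFIG` dict that reports whether any signature is still required once `want_response_signed` is turned off. The function name, the two sample configs and the defaults used for absent keys (response signed: True, assertions signed: False, either: False) are assumptions to confirm against the installed pysaml2 version.

```python
def audit_sp_signing(saml_config):
    """Return (nothing_required, findings) for a pysaml2-style SP config."""
    sp = saml_config.get("service", {}).get("sp", {})
    # Assumed defaults for absent keys; confirm for your pysaml2 version.
    response = bool(sp.get("want_response_signed", True))
    assertions = bool(sp.get("want_assertions_signed", False))
    either = bool(sp.get("want_assertions_or_response_signed", False))

    findings = []
    if not response:
        findings.append("response-level signature is not required")
    if not assertions:
        findings.append("assertion-level signature is not required")
    nothing_required = not (response or assertions or either)
    if nothing_required:
        findings.append("nothing in this config requires a signature")
    return nothing_required, findings


# Constructed config: only the change from the answer above.
AS_ANSWERED = {"service": {"sp": {"want_response_signed": False}}}

# Constructed config: same change, but signed assertions are required.
HARDENED = {
    "service": {
        "sp": {
            "want_response_signed": False,
            "want_assertions_signed": True,
        }
    }
}

if __name__ == "__main__":
    for name, cfg in (("as answered", AS_ANSWERED), ("hardened", HARDENED)):
        print(name, audit_sp_signing(cfg))
```

When the IdP signs the assertion rather than the response envelope, requiring `want_assertions_signed` keeps signature verification in force for the data the application actually trusts.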
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install djangosaml2
You can use djangosaml2 like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.