
PresideCMS Extension: SAML2 Single Sign On

v4.1.1 Public

SAML2 Single Sign On for Preside


This extension provides single sign on for Preside applications using SAML2.

In its current form, it allows your website to act as an Identity Provider (IDP) for front-end website users, and allows the Preside application (either front or backend) to act as a Service Provider (SP) with an external IDP.

See the Wiki for full documentation.

Changelog

v4.1.1

  • Fix tests

v4.1.0

  • Add ability to download IDP-specific service provider metadata for each registered IDP when Preside is being used as a Service Provider

v4.0.5

  • Build fixes

v4.0.4

  • Version bump

v4.0.3

  • Use correct issuer (entity ID) for IDP initiated SSO processes

v4.0.2

  • Ensure assertion is valid until 2 minutes AFTER the instance of assertion, not BEFORE!

v4.0.1

  • Fix bad reference to isFeatureEnabled() function

v4.0.0

  • Fix wrong Issuer instruction in assertion response while adding a feature flag to help patch backward compatibility if SPs are working around our bad ISSUER responses (they should be the entityID, NOT the sso URL)
  • Ensure that we use root URL for entity ID and NOT the org URL
  • Add UI to allow users to see multiline formatted X509 cert
  • Ensure X509 certificate is output on single line and without BEGIN/END cert prefixes
  • Ensure test server runs with correct name
  • Update test runner code to work with latest commandbox

v3.0.14

  • Add back the Assertion node to the response attribute parser

v3.0.13

  • Work around apparent jar class conflict where SAML decides to set the default owasp security configuration when it is not already set which subsequently causes issues with the rest of the Java environment that does not have access to the SAML classpath

v3.0.12

  • Add fix for Lucee 4 and default namespaces

v3.0.11

  • Strip namespaces from all our SAML xml metadata, responses and requests so that we can consistently and easily parse different SAML implementations that choose either different namespaces, or no namespaces at all

v3.0.10

  • Setup try catch to handle log error in 10.6

v3.0.9

  • Catch incomplete Jumpcloud / SAML2 installation

v3.0.8

  • Fix samlResponse name not using friendly name

v3.0.7

  • Do not attempt to process or parse entities that are not fully set up when matching IDPs

v3.0.6

  • Again, fix filter for slug

v3.0.5

  • Fix bad filter on slug for IDPs
  • Only wrap certificate strings in header and footer when necessary
  • Add a 'hack' to work with Preside SAML IDPs who are returning entity ID + /saml2/sso/ as entity ID in auth responses
  • Ensure no double slash in issuer ID for responses
  • Remove hardcoded entity ID for service provider
  • Support saml responses that use a SAML xml namespace rather than SAML2

v3.0.4

  • Remove the Z at the end of dates in saml responses

v3.0.3

  • Second attempt at working around classloader conflict issues

v3.0.2

  • Fix for missing log4j jars (that sometimes break when present and system already has jar loaded - pita)

v3.0.0

  • Move README to github wiki
  • Update code to make compatible with Preside 10.6
  • Ignore all /saml2/ endpoints when determining request language
  • Implement actual custom login URL route handling
  • Add a setting to be able to customize the endpoint that will initiate IDP login for external IDPs
  • Allow identity provider title/description to be translatable in the admin
  • Refactor service name to be inline with all the other services in this extension
  • Allow downloading of both SP and IDP metadata
  • Show message when no IDPs configured
  • Rejig admin so that all settings are together in one place
  • Begin to move pieces around for more sensible architecture
  • Make SP initiated SSO work
  • Add SAML2 response handler :)
  • Add ability to activate and edit metadata for an IDP
  • Display configured IDPs in list
  • Add DB configured options for IDPs into retrieval of IDPs from service
  • Add a description field to IDPs
  • Setup tabs for SP configuration
  • Add barebones IDP management page
  • Add a service method to list configured IDPs
  • Add an 'enabled' flag to IDPs so that they can be turned off
  • Scale back ambitions - expect SAML IDPs to be configured in code, with just metadata being editorial
  • Add identity provider object
  • Fix up navigation and wording to properly use SAML language (Service Provider vs Identity Provider) + enable both features to be enabled at once

v2.0.2

  • cec5378 Strip whitespace from X509 cert in SAML response. Causes trouble with some systems

v2.0.1

  • Make postlogin URL work for both SP and IDP initiated SSO workflows

v2.0.0

  • Apply attribute configuration options to SAML response creation
  • Add fields to allow each service provider to have the attributes returned configurable
  • Tweak display of actions grid for SSO consumers
  • Add working IDP initiated SAML assertion
  • Add a custom route for IDP initiated single sign-on
  • Add fields for configuring SSO type and producing a link to initiate SSO for IDP initiated flows

v1.0.11

  • Get Javaloader into test suite

v1.0.10

  • Use javaloader to load all opensaml classes

v1.0.8

  • Amend regex for detecting bad ms formatted dates

v1.0.7

  • Add proper fix instructions for xml document reader bug

v1.0.6

  • Update README to include fix instructions for Xerces and Xalan libs

v1.0.5

  • Improve documentation around providing custom key management logic
  • Remove redundant function and correct return types
  • Make the SamlKeyStore object wrap all of the security logic around getting public and private certificate credentials for the Saml signing certificate

v1.0.4

  • Provide more documentation around customizing authentication and returned data attributes

v1.0.3

  • Add a forgebox type to the repo

v1.0.2

  • Add a download location so forgebox knows where to go get it

v1.0.1

  • Add a build status badge

v1.0.0

  • First release

Here are all the versions for this package. Please note that you can leverage CommandBox package versioning to install any package you like. Please refer to our managing package version guide for more information.

Version | Created | Last Update
Current
4.1.1 | Aug 05 2019 10:09 AM | Aug 05 2019 10:09 AM
Version History
4.0.5 | Mar 15 2019 07:16 AM | Mar 15 2019 07:16 AM
4.0.4 | Feb 25 2019 06:10 AM | Feb 25 2019 06:10 AM
4.0.2 | Feb 22 2019 10:42 AM | Feb 22 2019 10:42 AM
4.0.1 | Feb 22 2019 09:32 AM | Feb 22 2019 09:32 AM
3.0.14 | Nov 02 2018 04:52 AM | Nov 02 2018 04:52 AM
3.0.13 | Oct 15 2018 11:19 AM | Oct 15 2018 11:19 AM
3.0.12 | Oct 01 2018 11:08 AM | Oct 01 2018 11:08 AM
3.0.11 | Sep 21 2018 02:12 AM | Sep 21 2018 02:12 AM
3.0.10 | Aug 31 2018 04:54 AM | Aug 31 2018 04:54 AM
3.0.9 | Aug 28 2018 05:56 AM | Aug 28 2018 05:56 AM
3.0.8 | Jun 19 2018 04:43 AM | Jun 19 2018 04:43 AM
3.0.7 | Jun 04 2018 06:05 AM | Jun 04 2018 06:05 AM
3.0.6 | Jun 04 2018 05:57 AM | Jun 04 2018 05:57 AM
3.0.5 | Jun 04 2018 05:52 AM | Jun 04 2018 05:52 AM
3.0.4 | Mar 27 2018 02:38 AM | Mar 27 2018 02:38 AM
3.0.3 | Nov 24 2017 09:25 AM | Nov 24 2017 09:25 AM
3.0.2 | Nov 24 2017 09:03 AM | Nov 24 2017 09:03 AM
3.0.1 | Nov 24 2017 07:24 AM | Nov 24 2017 07:24 AM
2.0.3 | Nov 08 2017 02:54 AM | Nov 08 2017 02:54 AM
2.0.2 | Oct 05 2017 03:10 PM | Oct 05 2017 03:10 PM
2.0.1 | Sep 19 2017 03:19 PM | Sep 19 2017 03:19 PM
2.0.0 | Sep 19 2017 12:44 PM | Sep 19 2017 12:44 PM
1.0.11 | Sep 15 2017 10:14 AM | Sep 15 2017 10:14 AM
1.0.10 | Sep 15 2017 09:43 AM | Sep 15 2017 09:43 AM
1.0.9 | Sep 11 2017 05:36 AM | Sep 11 2017 05:36 AM
1.0.7 | Dec 14 2016 06:25 PM | Sep 11 2017 05:34 AM
1.0.6 | Nov 29 2016 05:32 AM | Nov 29 2016 05:32 AM
1.0.5 | Nov 11 2016 10:34 AM | Nov 11 2016 10:34 AM
1.0.4 | Nov 11 2016 09:57 AM | Nov 11 2016 09:57 AM
1.0.3 | Nov 11 2016 07:42 AM | Nov 11 2016 07:42 AM

 
