idpv3-mfa issueshttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues2020-01-14T10:51:08+01:00https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/1-RM-3632-MR-Install development tools2020-01-14T10:51:08+01:00Etienne Dysli Metref-RM-3632-MR-Install development toolsInstall my development tools on xenos:
- Jenkins on Tomcat 8
- HTTPS config (cert + Apache)
- SP to protect Jenkins
*(from redmine: issue id 3632, created on 2016-04-07, closed on 2016-04-20)*
* Relations:
* child #3633
* ...Install my development tools on xenos:
- Jenkins on Tomcat 8
- HTTPS config (cert + Apache)
- SP to protect Jenkins
*(from redmine: issue id 3632, created on 2016-04-07, closed on 2016-04-20)*
* Relations:
* child #3633
* child #3635
* child #3637
* child #3638
* child #3639
* child #3640
* child #3642
* child #3659w16Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/2-RM-3633-MR-Shib SP on xenos2020-01-14T10:51:10+01:00Etienne Dysli Metref-RM-3633-MR-Shib SP on xenosto protect Jenkins
*(from redmine: issue id 3633, created on 2016-04-11, closed on 2016-04-20)*
* Relations:
* parent #3632to protect Jenkins
*(from redmine: issue id 3633, created on 2016-04-11, closed on 2016-04-20)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/3-RM-3634-MR-cert mfa-dev.ed.switch.ch2020-01-14T10:51:11+01:00Etienne Dysli Metref-RM-3634-MR-cert mfa-dev.ed.switch.ch
*(from redmine: issue id 3634, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3654
*(from redmine: issue id 3634, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3654Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/4-RM-3635-MR-cert ci.ed.switch.ch2020-01-14T10:51:12+01:00Etienne Dysli Metref-RM-3635-MR-cert ci.ed.switch.ch
*(from redmine: issue id 3635, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632
*(from redmine: issue id 3635, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/5-RM-3636-MR-Apache config mfa-dev.ed.switch.ch2020-01-14T10:51:14+01:00Etienne Dysli Metref-RM-3636-MR-Apache config mfa-dev.ed.switch.ch
*(from redmine: issue id 3636, created on 2016-04-11, closed on 2016-05-04)*
* Relations:
* parent #3654
*(from redmine: issue id 3636, created on 2016-04-11, closed on 2016-05-04)*
* Relations:
* parent #3654Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/6-RM-3637-MR-Apache config ci.ed.switch.ch2020-01-14T10:51:15+01:00Etienne Dysli Metref-RM-3637-MR-Apache config ci.ed.switch.chcert + AJP to Jenkins
with Puppet
*(from redmine: issue id 3637, created on 2016-04-11, closed on 2016-04-18)*
* Relations:
* parent #3632cert + AJP to Jenkins
with Puppet
*(from redmine: issue id 3637, created on 2016-04-11, closed on 2016-04-18)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/7-RM-3638-MR-Try Jenkins 2.02020-01-14T10:51:16+01:00Etienne Dysli Metref-RM-3638-MR-Try Jenkins 2.0
*(from redmine: issue id 3638, created on 2016-04-11, closed on 2016-04-13)*
* Relations:
* parent #3632
*(from redmine: issue id 3638, created on 2016-04-11, closed on 2016-04-13)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/8-RM-3639-MR-Tomcat 8 on xenos2020-01-14T10:51:17+01:00Etienne Dysli Metref-RM-3639-MR-Tomcat 8 on xenos
*(from redmine: issue id 3639, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632
*(from redmine: issue id 3639, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/9-RM-3640-MR-systemd unit for Tomcat 8 with Jenkins2020-01-14T10:51:18+01:00Etienne Dysli Metref-RM-3640-MR-systemd unit for Tomcat 8 with Jenkins
*(from redmine: issue id 3640, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632
*(from redmine: issue id 3640, created on 2016-04-11, closed on 2016-04-11)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/10-RM-3642-MR-Puppet modules for Jenkins on Tomcat 82020-01-14T10:51:20+01:00Etienne Dysli Metref-RM-3642-MR-Puppet modules for Jenkins on Tomcat 8- ceso\_jenkins
- ceso\_profile::jenkins
*(from redmine: issue id 3642, created on 2016-04-13, closed on 2016-04-15)*
* Relations:
* parent #3632- ceso\_jenkins
- ceso\_profile::jenkins
*(from redmine: issue id 3642, created on 2016-04-13, closed on 2016-04-15)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/22-RM-3654-MR-Install demo IdP2020-01-14T10:51:26+01:00Etienne Dysli Metref-RM-3654-MR-Install demo IdPDeployment target
*(from redmine: issue id 3654, created on 2016-04-13, closed on 2016-05-04)*
* Relations:
* child #3634
* child #3636
* child #3655
* child #3656Deployment target
*(from redmine: issue id 3654, created on 2016-04-13, closed on 2016-05-04)*
* Relations:
* child #3634
* child #3636
* child #3655
* child #3656w18Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/23-RM-3655-MR-Prepare IdP config in Puppet2020-01-14T10:51:27+01:00Etienne Dysli Metref-RM-3655-MR-Prepare IdP config in Puppet
*(from redmine: issue id 3655, created on 2016-04-13, closed on 2016-04-26)*
* Relations:
* parent #3654
*(from redmine: issue id 3655, created on 2016-04-13, closed on 2016-04-26)*
* Relations:
* parent #3654Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/24-RM-3656-MR-Register IdP in AAI Test federation2020-01-14T10:51:28+01:00Etienne Dysli Metref-RM-3656-MR-Register IdP in AAI Test federation
*(from redmine: issue id 3656, created on 2016-04-13, closed on 2016-05-04)*
* Relations:
* parent #3654
*(from redmine: issue id 3656, created on 2016-04-13, closed on 2016-05-04)*
* Relations:
* parent #3654Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/25-RM-3658-MR-Setup build & test tools2020-01-14T10:51:29+01:00Etienne Dysli Metref-RM-3658-MR-Setup build & test tools- Maven POM
- Robot Framework + Selenium
- Deployment on demo IdP machine
*(from redmine: issue id 3658, created on 2016-04-19, closed on 2016-05-04)*
* Relations:
* child #3660
* child #3662
* child #3666- Maven POM
- Robot Framework + Selenium
- Deployment on demo IdP machine
*(from redmine: issue id 3658, created on 2016-04-19, closed on 2016-05-04)*
* Relations:
* child #3660
* child #3662
* child #3666w18Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/26-RM-3659-MR-Obtain Git read access for Jenkins2020-01-14T10:51:30+01:00Etienne Dysli Metref-RM-3659-MR-Obtain Git read access for Jenkins
*(from redmine: issue id 3659, created on 2016-04-19, closed on 2016-04-19)*
* Relations:
* parent #3632
*(from redmine: issue id 3659, created on 2016-04-19, closed on 2016-04-19)*
* Relations:
* parent #3632Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/27-RM-3660-MR-Configure Jenkins jobs2020-01-14T10:51:32+01:00Etienne Dysli Metref-RM-3660-MR-Configure Jenkins jobs
*(from redmine: issue id 3660, created on 2016-04-19, closed on 2016-04-28)*
* Relations:
* parent #3658
*(from redmine: issue id 3660, created on 2016-04-19, closed on 2016-04-28)*
* Relations:
* parent #3658Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/28-RM-3661-MR-Install demo SP2020-01-14T10:51:33+01:00Etienne Dysli Metref-RM-3661-MR-Install demo SP
*(from redmine: issue id 3661, created on 2016-04-20, closed on 2016-06-28)*
* Relations:
* child #3681
* child #3682
* child #3683
* child #3684
* child #3697
*(from redmine: issue id 3661, created on 2016-04-20, closed on 2016-06-28)*
* Relations:
* child #3681
* child #3682
* child #3683
* child #3684
* child #3697w26Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/29-RM-3662-MR-Create Maven POM2020-01-14T10:51:34+01:00Etienne Dysli Metref-RM-3662-MR-Create Maven POM- shibboleth.net repositories
- IdP 3.2.1 dependencies
- test dependencies (junit, spring-test)
*(from redmine: issue id 3662, created on 2016-04-20, closed on 2016-04-28)*
* Relations:
* parent #3658- shibboleth.net repositories
- IdP 3.2.1 dependencies
- test dependencies (junit, spring-test)
*(from redmine: issue id 3662, created on 2016-04-20, closed on 2016-04-28)*
* Relations:
* parent #3658Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/32-RM-3666-MR-Add post-receive hook on Git repo to trigger builds2020-01-14T10:51:37+01:00Etienne Dysli Metref-RM-3666-MR-Add post-receive hook on Git repo to trigger builds
*(from redmine: issue id 3666, created on 2016-04-26, closed on 2016-05-04)*
* Relations:
* parent #3658
*(from redmine: issue id 3666, created on 2016-04-26, closed on 2016-05-04)*
* Relations:
* parent #3658Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/33-RM-3674-MR-Login flow with one form2020-01-14T10:51:39+01:00Etienne Dysli Metref-RM-3674-MR-Login flow with one formTo do
=====
Write one independent login flow with a single form (screen) with one
input field.
- fake authN, input is not actually checked
- configure IdP to run this flow with a new authN context class
How to test?
============
...To do
=====
Write one independent login flow with a single form (screen) with one
input field.
- fake authN, input is not actually checked
- configure IdP to run this flow with a new authN context class
How to test?
============
1. Send SAML AuthNRequest asking for the new authN context class to the
IdP
2. IdP should display the form
3. Submit form
4. IdP should produce a SAML AuthN assertion with the new authN context
class
Actual result
=============
IdP produces an error assertion because there is no subject defined by
the flow.
*(from redmine: issue id 3674, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* relates #3680
* child #3675
* child #3676
* child #3677
* child #3678
* child #3679w22Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/34-RM-3675-MR-SWF integration test2020-01-14T10:51:40+01:00Etienne Dysli Metref-RM-3675-MR-SWF integration test
*(from redmine: issue id 3675, created on 2016-05-04, closed on 2016-05-13)*
* Relations:
* parent #3674
*(from redmine: issue id 3675, created on 2016-05-04, closed on 2016-05-13)*
* Relations:
* parent #3674Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/35-RM-3676-MR-decide new authN context class URL2020-01-14T10:51:41+01:00Etienne Dysli Metref-RM-3676-MR-decide new authN context class URL
*(from redmine: issue id 3676, created on 2016-05-04, closed on 2016-05-13)*
* Relations:
* blocks #3677
* parent #3674
*(from redmine: issue id 3676, created on 2016-05-04, closed on 2016-05-13)*
* Relations:
* blocks #3677
* parent #3674Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/36-RM-3677-MR-configure IdP with flow + authN context class2020-01-14T10:51:41+01:00Etienne Dysli Metref-RM-3677-MR-configure IdP with flow + authN context class
*(from redmine: issue id 3677, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* blocks #3676
* parent #3674
*(from redmine: issue id 3677, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* blocks #3676
* parent #3674Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/37-RM-3678-MR-write SWF flow description2020-01-14T10:51:42+01:00Etienne Dysli Metref-RM-3678-MR-write SWF flow description
*(from redmine: issue id 3678, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* parent #3674
*(from redmine: issue id 3678, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* parent #3674Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/38-RM-3679-MR-write form view2020-01-14T10:51:43+01:00Etienne Dysli Metref-RM-3679-MR-write form view
*(from redmine: issue id 3679, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* parent #3674
*(from redmine: issue id 3679, created on 2016-05-04, closed on 2016-05-31)*
* Relations:
* parent #3674Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/40-RM-3681-MR-install SP package2020-01-14T10:51:44+01:00Etienne Dysli Metref-RM-3681-MR-install SP package
*(from redmine: issue id 3681, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661
*(from redmine: issue id 3681, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/41-RM-3682-MR-Apache config with Puppet2020-01-14T10:51:46+01:00Etienne Dysli Metref-RM-3682-MR-Apache config with Puppet
*(from redmine: issue id 3682, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661
*(from redmine: issue id 3682, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/42-RM-3683-MR-configure SP login endpoint with IdP and authN context class2020-01-14T10:51:47+01:00Etienne Dysli Metref-RM-3683-MR-configure SP login endpoint with IdP and authN context class
*(from redmine: issue id 3683, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661
*(from redmine: issue id 3683, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/43-RM-3684-MR-register SP in test federation2020-01-14T10:51:48+01:00Etienne Dysli Metref-RM-3684-MR-register SP in test federation
*(from redmine: issue id 3684, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661
*(from redmine: issue id 3684, created on 2016-05-04, closed on 2016-06-28)*
* Relations:
* parent #3661Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/45-RM-3686-MR-Review state of IdP 3.32020-01-14T10:51:50+01:00Etienne Dysli Metref-RM-3686-MR-Review state of IdP 3.3
*(from redmine: issue id 3686, created on 2016-05-04, closed on 2016-05-31)*
*(from redmine: issue id 3686, created on 2016-05-04, closed on 2016-05-31)*w22Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/46-RM-3690-MR-Provide IdP installation instructions2020-01-14T10:51:52+01:00Etienne Dysli Metref-RM-3690-MR-Provide IdP installation instructionsTo install this project on an existing IdP, list of changes from our
"default" guide installation.
evt. difftar
*(from redmine: issue id 3690, created on 2016-06-01, closed on 2016-06-13)*To install this project on an existing IdP, list of changes from our
"default" guide installation.
evt. difftar
*(from redmine: issue id 3690, created on 2016-06-01, closed on 2016-06-13)*w24Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/47-RM-3694-MR-Remove errors in simple flow2020-01-14T10:51:54+01:00Etienne Dysli Metref-RM-3694-MR-Remove errors in simple flowFix the "simple" login flow so that processing at the IdP can
successfully complete and return to the SP.
- must create session objects
- fixed username
*(from redmine: issue id 3694, created on 2016-06-15, closed on 2016-07-26)*...Fix the "simple" login flow so that processing at the IdP can
successfully complete and return to the SP.
- must create session objects
- fixed username
*(from redmine: issue id 3694, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* child #3698
* child #3699
* child #3700
* child #3731
* Uploads:
* [mfa-flows-1.0-SNAPSHOT.jar](/uploads/a1faae9d8e2bcbc0be80ebd770eed08b/mfa-flows-1.0-SNAPSHOT.jar) build 15w30Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/48-RM-3695-MR-Use initial authentication together with simple flow2020-01-14T10:51:55+01:00Etienne Dysli Metref-RM-3695-MR-Use initial authentication together with simple flowActivate initial authentication on IdP with the "Password" flow.
- "simple" flow form should display username entered during initial
authn
- OTP still not verified
*(from redmine: issue id 3695, created on 2016-06-15, closed ...Activate initial authentication on IdP with the "Password" flow.
- "simple" flow form should display username entered during initial
authn
- OTP still not verified
*(from redmine: issue id 3695, created on 2016-06-15, closed on 2016-08-04)*
* Relations:
* child #3701
* child #3702
* child #3703w32Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/49-RM-3696-MR-Use a Java RADIUS library2020-01-14T10:51:56+01:00Etienne Dysli Metref-RM-3696-MR-Use a Java RADIUS libraryOld description moved to \#3737
*(from redmine: issue id 3696, created on 2016-06-15, closed on 2016-08-24)*
* Relations:
* child #3704
* child #3719Old description moved to \#3737
*(from redmine: issue id 3696, created on 2016-06-15, closed on 2016-08-24)*
* Relations:
* child #3704
* child #3719w34Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/50-RM-3697-MR-Write web page with login links2020-01-14T10:51:57+01:00Etienne Dysli Metref-RM-3697-MR-Write web page with login linksWeb page on the SP with demo login links:
- don't request any authn method
- request simple
*(from redmine: issue id 3697, created on 2016-06-15, closed on 2016-06-28)*
* Relations:
* parent #3661Web page on the SP with demo login links:
- don't request any authn method
- request simple
*(from redmine: issue id 3697, created on 2016-06-15, closed on 2016-06-28)*
* Relations:
* parent #3661Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/51-RM-3698-MR-figure out what session objects to create2020-01-14T10:51:59+01:00Etienne Dysli Metref-RM-3698-MR-figure out what session objects to create
*(from redmine: issue id 3698, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694
*(from redmine: issue id 3698, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/52-RM-3699-MR-define flow beans2020-01-14T10:52:00+01:00Etienne Dysli Metref-RM-3699-MR-define flow beans
*(from redmine: issue id 3699, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694
*(from redmine: issue id 3699, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/53-RM-3700-MR-add flow actions to create session2020-01-14T10:52:02+01:00Etienne Dysli Metref-RM-3700-MR-add flow actions to create session
*(from redmine: issue id 3700, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694
*(from redmine: issue id 3700, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* parent #3694Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/54-RM-3701-MR-configure IdP for initial authn with Password2020-01-14T10:52:03+01:00Etienne Dysli Metref-RM-3701-MR-configure IdP for initial authn with Password
*(from redmine: issue id 3701, created on 2016-06-15, closed on 2016-07-29)*
* Relations:
* parent #3695
*(from redmine: issue id 3701, created on 2016-06-15, closed on 2016-07-29)*
* Relations:
* parent #3695Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/55-RM-3702-MR-modify simple flow to fetch username from session2020-01-14T10:52:04+01:00Etienne Dysli Metref-RM-3702-MR-modify simple flow to fetch username from session
*(from redmine: issue id 3702, created on 2016-06-15, closed on 2016-07-29)*
* Relations:
* parent #3695
*(from redmine: issue id 3702, created on 2016-06-15, closed on 2016-07-29)*
* Relations:
* parent #3695Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/56-RM-3703-MR-modify simple flow view to display username2020-01-14T10:52:05+01:00Etienne Dysli Metref-RM-3703-MR-modify simple flow view to display username
*(from redmine: issue id 3703, created on 2016-06-15, closed on 2016-08-04)*
* Relations:
* parent #3695
*(from redmine: issue id 3703, created on 2016-06-15, closed on 2016-08-04)*
* Relations:
* parent #3695Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/57-RM-3704-MR-find a good Java library for RADIUS2020-01-14T10:52:07+01:00Etienne Dysli Metref-RM-3704-MR-find a good Java library for RADIUSfallback to executing radclient as first step
*(from redmine: issue id 3704, created on 2016-06-15, closed on 2016-08-23)*
* Relations:
* parent #3696fallback to executing radclient as first step
*(from redmine: issue id 3704, created on 2016-06-15, closed on 2016-08-23)*
* Relations:
* parent #3696Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/58-RM-3705-MR-Wire OTP extraction bean in simple flow2020-01-14T10:52:08+01:00Etienne Dysli Metref-RM-3705-MR-Wire OTP extraction bean in simple flowbetween view state and validation action state
need to mock the HTTP request in tests
*(from redmine: issue id 3705, created on 2016-06-15, closed on 2016-09-08)*
* Relations:
* parent #3740between view state and validation action state
need to mock the HTTP request in tests
*(from redmine: issue id 3705, created on 2016-06-15, closed on 2016-09-08)*
* Relations:
* parent #3740Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/59-RM-3706-MR-Modify validation action to validate OTPs against fake RADIUS val...2020-01-14T10:52:09+01:00Etienne Dysli Metref-RM-3706-MR-Modify validation action to validate OTPs against fake RADIUS validator serviceneeds an "OTP verifier" interface to hide RADIUS
*(from redmine: issue id 3706, created on 2016-06-15, closed on 2016-09-09)*
* Relations:
* parent #3737needs an "OTP verifier" interface to hide RADIUS
*(from redmine: issue id 3706, created on 2016-06-15, closed on 2016-09-09)*
* Relations:
* parent #3737Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/61-RM-3712-MR-Document Apache directives around authNContextClass2020-01-14T10:52:10+01:00Etienne Dysli Metref-RM-3712-MR-Document Apache directives around authNContextClassDocument Apache directives provided by mod\_shib for requesting a given
authNContextClass and verifying that a session was initiated with that
class.
*(from redmine: issue id 3712, created on 2016-06-29, closed on 2016-07-13)*Document Apache directives provided by mod\_shib for requesting a given
authNContextClass and verifying that a session was initiated with that
class.
*(from redmine: issue id 3712, created on 2016-06-29, closed on 2016-07-13)*w28Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/62-RM-3719-MR-Document RADIUS conversation2020-01-14T10:52:11+01:00Etienne Dysli Metref-RM-3719-MR-Document RADIUS conversationWrite down which RADIUS messages are used/expected in the conversation
to verify one OTP.
*(from redmine: issue id 3719, created on 2016-07-13, closed on 2016-08-23)*
* Relations:
* parent #3696Write down which RADIUS messages are used/expected in the conversation
to verify one OTP.
*(from redmine: issue id 3719, created on 2016-07-13, closed on 2016-08-23)*
* Relations:
* parent #3696https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/63-RM-3721-MR-Login flow with one screen?2020-01-14T10:52:12+01:00Etienne Dysli Metref-RM-3721-MR-Login flow with one screen?If the flow with two screens is not satisfactory, implement everything
in one step i.e. password and OTP in the same form. Must make a copy of
the existing Password flow and add the second factor in it.
*(from redmine: issue id 3721, c...If the flow with two screens is not satisfactory, implement everything
in one step i.e. password and OTP in the same form. Must make a copy of
the existing Password flow and add the second factor in it.
*(from redmine: issue id 3721, created on 2016-07-13, closed on 2016-11-28)*nexthttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/64-RM-3722-MR-Button to send SMS OTP2020-01-14T10:52:13+01:00Etienne Dysli Metref-RM-3722-MR-Button to send SMS OTPButton on the login form that triggers sending a SMS OTP.
Send "sms" as password in Access-Request packet.
*(from redmine: issue id 3722, created on 2016-07-13, closed on 2016-11-25)*Button on the login form that triggers sending a SMS OTP.
Send "sms" as password in Access-Request packet.
*(from redmine: issue id 3722, created on 2016-07-13, closed on 2016-11-25)*w48https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/65-RM-3723-MR-Token enrollment procedure2020-01-14T10:52:13+01:00Etienne Dysli Metref-RM-3723-MR-Token enrollment procedureDescribe how users can get a new token (first time).
*(from redmine: issue id 3723, created on 2016-07-13, closed on 2016-09-19)*Describe how users can get a new token (first time).
*(from redmine: issue id 3723, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/66-RM-3724-MR-Token replacement procedure2020-01-14T10:52:14+01:00Etienne Dysli Metref-RM-3724-MR-Token replacement procedureDescribe how users can have their token replaced.
*(from redmine: issue id 3724, created on 2016-07-13, closed on 2016-09-19)*Describe how users can have their token replaced.
*(from redmine: issue id 3724, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/67-RM-3725-MR-Token revocation procedure2020-01-14T10:52:14+01:00Etienne Dysli Metref-RM-3725-MR-Token revocation procedureDescribe how tokens can be revoked.
*(from redmine: issue id 3725, created on 2016-07-13, closed on 2016-09-19)*Describe how tokens can be revoked.
*(from redmine: issue id 3725, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/68-RM-3731-MR-Update installation instructions2020-01-14T10:52:15+01:00Etienne Dysli Metref-RM-3731-MR-Update installation instructionsNew: project must be built to get a JAR to install.
*(from redmine: issue id 3731, created on 2016-07-26, closed on 2016-07-26)*
* Relations:
* parent #3694New: project must be built to get a JAR to install.
*(from redmine: issue id 3731, created on 2016-07-26, closed on 2016-07-26)*
* Relations:
* parent #3694Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/70-RM-3735-MR-Add TinyRadius to the Maven build2020-01-14T10:52:16+01:00Etienne Dysli Metref-RM-3735-MR-Add TinyRadius to the Maven buildprobably via a git subtree
*(from redmine: issue id 3735, created on 2016-08-23, closed on 2016-09-12)*
* Relations:
* parent #3737probably via a git subtree
*(from redmine: issue id 3735, created on 2016-08-23, closed on 2016-09-12)*
* Relations:
* parent #3737Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/71-RM-3737-MR-Verify OTPs over RADIUS2020-01-14T10:52:17+01:00Etienne Dysli Metref-RM-3737-MR-Verify OTPs over RADIUSCopied from \#3696.
Make the "simple" flow verify OTPs by contacting the authentication
server over RADIUS. No SMS support yet.
- send Access-Request
- expect Access-Accept
What happens on errors?
*(from redmine: issue id 3737, ...Copied from \#3696.
Make the "simple" flow verify OTPs by contacting the authentication
server over RADIUS. No SMS support yet.
- send Access-Request
- expect Access-Accept
What happens on errors?
*(from redmine: issue id 3737, created on 2016-08-24, closed on 2016-09-19)*
* Relations:
* child #3706
* child #3735
* child #3741
* child #3742w38Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/72-RM-3739-MR-New action bean to extract OTP from HTTP request2020-01-14T10:52:17+01:00Etienne Dysli Metref-RM-3739-MR-New action bean to extract OTP from HTTP requestJust like
`net.shibboleth.idauthn.impl.ExtractUsernamePasswordFromFormRequest`.
Should add a new context containing the OTP under the
`AuthenticationContext`.
Obviously, should be executed right after the view state displaying the
fo...Just like
`net.shibboleth.idauthn.impl.ExtractUsernamePasswordFromFormRequest`.
Should add a new context containing the OTP under the
`AuthenticationContext`.
Obviously, should be executed right after the view state displaying the
form.
*(from redmine: issue id 3739, created on 2016-09-06, closed on 2016-09-07)*
* Relations:
* parent #3740Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/73-RM-3740-MR-Read OTP from simple flow form2020-01-14T10:52:18+01:00Etienne Dysli Metref-RM-3740-MR-Read OTP from simple flow formThe simple flow should read the OTP field from its form view.
*(from redmine: issue id 3740, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* child #3705
* child #3739The simple flow should read the OTP field from its form view.
*(from redmine: issue id 3740, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* child #3705
* child #3739w36Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/74-RM-3741-MR-New bean: OTP validator service2020-01-14T10:52:19+01:00Etienne Dysli Metref-RM-3741-MR-New bean: OTP validator serviceinterface + mock for tests
*(from redmine: issue id 3741, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* parent #3737interface + mock for tests
*(from redmine: issue id 3741, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* parent #3737Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/75-RM-3742-MR-Implement OTP validator service using TinyRadius2020-01-14T10:52:20+01:00Etienne Dysli Metref-RM-3742-MR-Implement OTP validator service using TinyRadiusUse `org.tinyradius.util.RadiusClient` or write a better client?
*(from redmine: issue id 3742, created on 2016-09-07, closed on 2016-09-15)*
* Relations:
* parent #3737Use `org.tinyradius.util.RadiusClient` or write a better client?
*(from redmine: issue id 3742, created on 2016-09-07, closed on 2016-09-15)*
* Relations:
* parent #3737Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/76-RM-3747-MR-Improve error handling in simple flow2020-01-14T10:52:21+01:00Etienne Dysli Metref-RM-3747-MR-Improve error handling in simple flowwrong OTP ->sends SAML error to SP, not ideal...
Submitting a wrong OTP should loop back to the OTP form.
*(from redmine: issue id 3747, created on 2016-09-19, closed on 2016-11-01)*
* Relations:
* child #3755
* child #3757wrong OTP ->sends SAML error to SP, not ideal...
Submitting a wrong OTP should loop back to the OTP form.
*(from redmine: issue id 3747, created on 2016-09-19, closed on 2016-11-01)*
* Relations:
* child #3755
* child #3757w42Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/78-RM-3749-MR-Rename simple flow2020-01-14T10:52:22+01:00Etienne Dysli Metref-RM-3749-MR-Rename simple flowThe "simple" flow is no longer simple. Find a better name and rename
every reference.
*(from redmine: issue id 3749, created on 2016-09-19, closed on 2016-11-28)*The "simple" flow is no longer simple. Find a better name and rename
every reference.
*(from redmine: issue id 3749, created on 2016-09-19, closed on 2016-11-28)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/79-RM-3751-MR-Use the InCommon MFA Profile2020-01-14T10:52:22+01:00Etienne Dysli Metref-RM-3751-MR-Use the InCommon MFA ProfileReplace the development authentication context class
`https://mfa-dev.ed.switch.ch/idp/mfa/simple` with the InCommon MFA
Profile `http://id.incommon.org/assurance/mfa`. This offers better
interoperability when moving to production.
Repl...Replace the development authentication context class
`https://mfa-dev.ed.switch.ch/idp/mfa/simple` with the InCommon MFA
Profile `http://id.incommon.org/assurance/mfa`. This offers better
interoperability when moving to production.
Replace in:
- <s>`conf/authn/general-authn.xml` (Puppet config)</s>
- <s>`README.md`</s>
- <s>`index.html` (on mfa-dev)</s>
- <s>Apache config (Hiera)</s>
*(from redmine: issue id 3751, created on 2016-09-20, closed on 2016-11-28)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/80-RM-3755-MR-Submitting a wrong OTP should loop back to the OTP form2020-01-14T10:52:23+01:00Etienne Dysli Metref-RM-3755-MR-Submitting a wrong OTP should loop back to the OTP formadd a transition on InvalidCredentials
*(from redmine: issue id 3755, created on 2016-09-22, closed on 2016-09-22)*
* Relations:
* parent #3747add a transition on InvalidCredentials
*(from redmine: issue id 3755, created on 2016-09-22, closed on 2016-09-22)*
* Relations:
* parent #3747Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/81-RM-3756-MR-Add error message on OTP form2020-01-14T10:52:24+01:00Etienne Dysli Metref-RM-3756-MR-Add error message on OTP formShould display something on invalid OTP like the password form does.
- invalid credentials
- RADIUS server unreachable
- SMS sending error
*(from redmine: issue id 3756, created on 2016-09-22, closed on 2016-11-14)*Should display something on invalid OTP like the password form does.
- invalid credentials
- RADIUS server unreachable
- SMS sending error
*(from redmine: issue id 3756, created on 2016-09-22, closed on 2016-11-14)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/82-RM-3757-MR-Submitting an empty OTP should loop back to the OTP form2020-01-14T10:52:25+01:00Etienne Dysli Metref-RM-3757-MR-Submitting an empty OTP should loop back to the OTP formadd transition on NoCredentials
*(from redmine: issue id 3757, created on 2016-09-22, closed on 2016-09-22)*
* Relations:
* parent #3747add transition on NoCredentials
*(from redmine: issue id 3757, created on 2016-09-22, closed on 2016-09-22)*
* Relations:
* parent #3747Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/85-RM-3771-MR-Demo SP application2020-01-14T10:52:27+01:00Etienne Dysli Metref-RM-3771-MR-Demo SP applicationTry different authentication levels and switching between them on the
same SP.
*(from redmine: issue id 3771, created on 2016-10-19, closed on 2016-11-15)*Try different authentication levels and switching between them on the
same SP.
*(from redmine: issue id 3771, created on 2016-10-19, closed on 2016-11-15)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/86-RM-3776-MR-Add all missing Velocity variables2020-01-14T10:52:28+01:00Etienne Dysli Metref-RM-3776-MR-Add all missing Velocity variablesProvide variables listed in
[VelocityVariables](https://wiki.shibboleth.net/confluence/display/IDP30/VelocityVariables)
in the form view.
Variables available in all templates
====================================
- <s>encoder</s>
- ...Provide variables listed in
[VelocityVariables](https://wiki.shibboleth.net/confluence/display/IDP30/VelocityVariables)
in the form view.
Variables available in all templates
====================================
- <s>encoder</s>
- <s>profileRequestContext</s>
- <s>environment</s>
- <s>custom</s>
- <s>request</s>
- <s>response</s>
- <s>flowRequestContext</s>
- <s>springMacroRequestContext</s>
Variables available to password login view
==========================================
- <s>rpUIContext</s>
- <s>authenticationContext</s>
- <s>authenticationErrorContext</s>
- <s>authenticationWarningContext</s>
- <s>ldapResponseContext</s>
- <s>extendedAuthenticationFlows</s>
*(from redmine: issue id 3776, created on 2016-11-02, closed on 2016-11-14)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/87-RM-3784-MR-Display message after SMS sent2020-01-14T10:52:29+01:00Etienne Dysli Metref-RM-3784-MR-Display message after SMS sentDisplay a confirmation message that the SMS OTP has been sent on the
login form, after the "Send SMS" button has been clicked.
*(from redmine: issue id 3784, created on 2016-11-28, closed on 2016-11-29)*Display a confirmation message that the SMS OTP has been sent on the
login form, after the "Send SMS" button has been clicked.
*(from redmine: issue id 3784, created on 2016-11-28, closed on 2016-11-29)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/88-RM-3785-MR-Customise send SMS button text2020-01-14T10:52:30+01:00Etienne Dysli Metref-RM-3785-MR-Customise send SMS button text
*(from redmine: issue id 3785, created on 2016-11-30, closed on 2016-12-01)*
*(from redmine: issue id 3785, created on 2016-11-30, closed on 2016-12-01)*w50Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/90-RM-3787-MR-Release version 1.0.02020-01-14T10:52:31+01:00Etienne Dysli Metref-RM-3787-MR-Release version 1.0.0
*(from redmine: issue id 3787, created on 2016-12-01, closed on 2016-12-01)*
*(from redmine: issue id 3787, created on 2016-12-01, closed on 2016-12-01)*w50Etienne Dysli MetrefEtienne Dysli Metref