mzico
mzico
The hash value of the Redis password is being encrypted by oxTrust instead of the clear text with each "Update" in oxTrust, resulting in the loss of the password. Recorded...
Experience from 3.1.6: - User has proper format xlsx spreasheet - There are duplicate entries - When we went to upload this xlsx spreadsheet; Gluu Server rejected upload/import due to...
## Describe the issue Accessing Federation Trust Relationship from oxTrust take 5~10 mins to load. Accessing means, just entering into InCommon Trust relationship page from oxTrust. ## Steps To Reproduce...
I am testing [Brute Force Protection](https://gluu.org/docs/gluu-server/4.3/reference/JSON-oxauth-prop/#brute-force-protection), it's working perfectly when primary key is "UID". Testing with "Email" is not actually doing what it suppose to do but resulting 502. As...
Shibb / oxTrust mostly depends on internet to 'reach' SP's entityID AND online SAML validators ( i.e. Schema document in 'http://www.w3.org/ ) to 'validate' SAML metadata inside Gluu Server. There...
Bootstrap version < 3.4.0 ( less than 3.4.0 ) is prone to XSS attack. Ref: https://nvd.nist.gov/vuln/detail/cve-2018-20677
jQuery version < 3 ( less than 3.0.0 ) is vulnerable to XSS attacks. Update if required. Reference: https://nvd.nist.gov/vuln/detail/cve-2015-9251
I am unable to use "Multivalued" option in Attribute section. It's not working. 
Currently if we want to enable any script it complete sanity checks on runtime but script keep itself in "enabled" mode. By keeping it in enable, end user might fall...
We have enabled custom validation for `Password` attribute. Which is: - Flex: 5.1.0 in Ubuntu 22 with Postgresql backend. - Regular expression: `^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#&()–[{}]:;',?/*~$^+=]).{8,20}$` - Minimum Length: 6, Maximum Length: 12...