Patrick
Patrick
> What's holding you back from creating an EnhancedUserPassBase Nothing is holding us back from just creating our own. The goal was to make it available to classes that already...
> Typically in a corporate network you have thousands of users sharing a single IP address so rate limiting by IP would be a huge problem there. Yup, that's why...
Thanks @jaimeperez, @hparadiz and @tvdijen for you feedback. This has been helpful to me. > One is that evaluating if this is is a brute force attack is only relevant...
I've pushed an alpha version of rate limiting to https://github.com/cirrusidentity/simplesamlphp-module-ratelimit. @tvdijen Since it is a standalone module, I followed your suggestion of using a different class. It can wrap another...
@tvdijen Using `\SimpleSAML\Auth\Source::getById($authId);` is actually what I did in my first pass through the code. Then I realized that the authsource I wanted to protect could still be called directly...
@ghalse I am also interested in adding this support into SSP. Have you done any code changes in the area? If not that I can start looking in to what...
lol, I should have check the commit log before filing. So the patch makes the error go away but the resulting attribute I think is wrong - the type gets...
I see. I had a slightly different goal in mind. I was thinking we something along these lines ``` php diff --git a/modules/saml/lib/IdP/SAML2.php b/modules/saml/lib/IdP/SAML2.php index 20897dc..6594079 100644 --- a/modules/saml/lib/IdP/SAML2.php +++...
We have some proxy use cases where this is undesirable so it would be nice if there was a way to opt in or opt out of the behavior change....
> Regarding the FriendlyName of attributes, I have never seen any single SP that uses it for anything other than displaying a friendly name for the attribute to the users,...