View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006767 | SymmetricDS Pro | Improvement | public | 2025-03-17 16:42 | 2025-03-17 17:10 |
| Reporter | emiller | Assigned To | emiller | ||
| Priority | normal | ||||
| Status | resolved | Resolution | fixed | ||
| Product Version | 3.16.0 | ||||
| Target Version | 3.16.1 | Fixed in Version | 3.16.1 | ||
| Summary | 0006767: Sign SAML requests with SHA-256 instead of SHA-1 | ||||
| Description | There's an open issue with the SAML library that SymmetricDS uses where it defaults to signing requests with SHA-1, which is an obsolete signature algorithm: https://github.com/SAML-Toolkits/java-saml/issues/415 Some identity providers require a newer signature algorithm and will return a response of "urn:oasis:names:tc:SAML:2.0:status:Responder" if the request is signed with SHA-1, causing the SAML login to fail. Change the signature algorithm to SHA-256, which is not obsolete. | ||||
| Tags | security | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-03-17 16:42 | emiller | New Issue | |
| 2025-03-17 16:42 | emiller | Status | new => assigned |
| 2025-03-17 16:42 | emiller | Assigned To | => emiller |
| 2025-03-17 16:42 | emiller | Tag Attached: security | |
| 2025-03-17 16:42 | emiller | Issue generated from: 0006766 | |
| 2025-03-17 16:42 | emiller | Relationship added | related to 0006766 |
| 2025-03-17 17:10 | emiller | Status | assigned => resolved |
| 2025-03-17 17:10 | emiller | Resolution | open => fixed |
| 2025-03-17 17:10 | emiller | Fixed in Version | => 3.16.1 |