...
MODLOGSAML-59
Other Considerations
- TBD

Assuming we go with this basic approach described here, we could take it one step further to fix MODLOGSAML-58. More specifically:
- Saving the entire RelayState in the cookie, and comparing the entire RelayState value in POST /saml/callback.
- We might also want to do some validation against the "stripesURL" value provided to POST /saml/login to ensure that it at least matches the origin and that origin is one that's whitelisted in CORS.
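
The two checks proposed above, sketched as an added example (not the module's own code). The function names are hypothetical, and it assumes the CORS allowlist is a list of exact origins and that "the origin" means the request's Origin header.

```javascript
// Added example: all names and sample values are hypothetical.

// Return the origin of an absolute http(s) URL, or null if the input is unusable.
function httpOrigin(value) {
  if (typeof value !== 'string') return null;
  let url;
  try {
    url = new URL(value);            // throws on relative or malformed input
  } catch (e) {
    return null;
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  if (url.username || url.password) return null;  // reject user@host confusion
  return url.origin;                 // scheme + host + non-default port
}

// Check for POST /saml/login: stripesUrl must share the request's Origin,
// and that origin must be an exact entry in the CORS allowlist.
function isStripesUrlAllowed(stripesUrl, requestOrigin, allowedOrigins) {
  const target = httpOrigin(stripesUrl);
  const origin = httpOrigin(requestOrigin);
  if (target === null || origin === null || target !== origin) return false;
  // Normalise allowlist entries; a "*" entry parses to null and never matches.
  return allowedOrigins.map(httpOrigin).includes(target);
}

// Check for POST /saml/callback: the posted RelayState must equal the whole
// value stored in the cookie at login time, not just a token inside it.
function relayStateMatches(cookieValue, postedValue) {
  if (typeof cookieValue !== 'string' || typeof postedValue !== 'string') return false;
  return cookieValue.length > 0 && cookieValue === postedValue;
}
```

Comparing parsed origins rather than string prefixes is what keeps a value such as `https://folio.example.org@other.example/` from passing as the allowed host.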