diff options
| author | Simo Sorce <simo@redhat.com> | 2014-06-17 09:13:38 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2014-06-17 14:51:10 -0400 |
| commit | 8a9b4fe36f1bd9b358b20333956af5602eb48a6c (patch) | |
| tree | 48342203d5526a67bab7c89e32c08652b1acd867 /ipsilon/providers/saml2idp.py | |
| parent | 84d84fb79997679bb5eb3fd86f57bc01c1490dfc (diff) | |
| download | ipsilon-8a9b4fe36f1bd9b358b20333956af5602eb48a6c.tar.gz ipsilon-8a9b4fe36f1bd9b358b20333956af5602eb48a6c.tar.xz ipsilon-8a9b4fe36f1bd9b358b20333956af5602eb48a6c.zip | |
Strenghten default Security options in IDP
Always deny access to the IDP if not using SSL by default.
Always turn on secure/httponly cookies by default.
Add a switch to disable all security options for testing.
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'ipsilon/providers/saml2idp.py')
| -rwxr-xr-x | ipsilon/providers/saml2idp.py | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py index e89fe0c..a94a0a4 100755 --- a/ipsilon/providers/saml2idp.py +++ b/ipsilon/providers/saml2idp.py @@ -246,9 +246,6 @@ class Installer(object): def install_args(self, group): group.add_argument('--saml2', choices=['yes', 'no'], default='yes', help='Configure SAML2 Provider') - group.add_argument('--saml2-secure', - choices=['yes', 'no'], default='yes', - help='Configure SAML2 Provider') def configure(self, opts): if opts['saml2'] != 'yes': @@ -265,7 +262,7 @@ class Installer(object): # Generate Idp Metadata proto = 'https' - if opts['saml2_secure'].lower() == 'no': + if opts['secure'].lower() == 'no': proto = 'http' url = '%s://%s/%s/saml2' % (proto, opts['hostname'], opts['instance']) meta = metadata.Metadata(metadata.IDP_ROLE) |