Chris Wysopal<p>These SAMLStorm vulnerabilities have been public for a couple weeks now. Anyone seeing exploitation in the wild? How’s patching going across vendors and infra? <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://infosec.exchange/tags/NodeJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NodeJS</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a></p>
Recent searches
No recent searches
Search options
Not available on mastodon.xyz.
mastodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance, open to everyone, but mainly English and French speaking.
Administered by:
Server stats:
817active users
mastodon.xyz: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#saml
0 posts · 0 participants · 0 posts today
Olly 👾<p>:github: GitHub uncovers new Ruby-SAML Vulnerabilities allowing Account Takeover Attacks.</p><p>Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections.</p><p><a href="https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.blog/security/sign-in-a</span><span class="invisible">s-anyone-bypassing-saml-sso-authentication-with-parser-differentials/</span></a></p><p><a href="https://nerdculture.de/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://nerdculture.de/tags/ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ruby</span></a> <a href="https://nerdculture.de/tags/saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>saml</span></a> <a href="https://nerdculture.de/tags/library" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>library</span></a> <a href="https://nerdculture.de/tags/it" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>it</span></a> <a href="https://nerdculture.de/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://nerdculture.de/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>privacy</span></a> <a href="https://nerdculture.de/tags/engineer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>engineer</span></a> <a href="https://nerdculture.de/tags/media" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>media</span></a> <a href="https://nerdculture.de/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a> <a href="https://nerdculture.de/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> <a href="https://nerdculture.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a></p>
sekurak News<p>GitLab naprawia podatności związane z biblioteką ruby-saml</p><p>GitLab ogłosił wydanie nowych wersji oprogramowania. Aktualizacja dotyczy zarówno Community Edition, jak i Enterprise Edition. Poprawione wersje to 17.9.2, 17.8.5 oraz 17.7.7. Najważniejsza poprawka dotyczy dwóch podatności (CVE-2025-25291, CVE-2025-25292), zgłoszonych w bibliotece ruby-saml, która jest wykorzystywana przez GitLab do SAML SSO (security assertion markup language; single sign-on). W pewnych okolicznościach...</p><p><a href="https://mastodon.com.pl/tags/WBiegu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WBiegu</span></a> <a href="https://mastodon.com.pl/tags/Cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cve</span></a> <a href="https://mastodon.com.pl/tags/Gitlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gitlab</span></a> <a href="https://mastodon.com.pl/tags/Graphql" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Graphql</span></a> <a href="https://mastodon.com.pl/tags/Podatno%C5%9Bci" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Podatności</span></a> <a href="https://mastodon.com.pl/tags/Rce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rce</span></a> <a href="https://mastodon.com.pl/tags/Ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ruby</span></a> <a href="https://mastodon.com.pl/tags/Saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Saml</span></a></p><p><a href="https://sekurak.pl/gitlab-naprawia-podatnosci-zwiazane-z-biblioteka-ruby-saml/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">sekurak.pl/gitlab-naprawia-pod</span><span class="invisible">atnosci-zwiazane-z-biblioteka-ruby-saml/</span></a></p>
aleph<p>Wir haben auf die Mastodon Version 4.3.6 upgedated. Dies beinhaltet wichtige Sicherheitskorrekturen für alle, die SAML Single-Sign-On verwenden.<br>Bitte weiter tooten :mastodon:</p><p><a href="https://github.com/mastodon/mastodon/releases/tag/v4.3.6" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mastodon/mastodon/r</span><span class="invisible">eleases/tag/v4.3.6</span></a></p><p><a href="https://afterspace.rocks/tags/MastoAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastoAdmin</span></a> <a href="https://afterspace.rocks/tags/MastoUpdate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastoUpdate</span></a> <a href="https://afterspace.rocks/tags/Afterspace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Afterspace</span></a> <a href="https://afterspace.rocks/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a></p>
:mastodon: decio<p>Deux vulnérabilités (CVE-2025-25291, CVE-2025-25292) permettent de contourner l’authentification SAML (SSO) sur GitHub et GitLab via une attaque par « signature wrapping ». <br>Un attaquant disposant d'une signature valide pourrait ainsi se connecter sous l’identité d’un autre utilisateur. La prudence est de mise, surtout qu’un gang spécialisé dans les ransomwares a récemment ciblé ces plateformes. L’exploitation active est à ce jour inconnue.</p><p>📌 GitLab recommande fortement la mise à jour vers 17.9.2 :<br>👇<br><a href="https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">about.gitlab.com/releases/2025</span><span class="invisible">/03/12/patch-release-gitlab-17-9-2-released/</span></a></p><p>📌 GitHub – Sign in as anyone (détails techniques) :<br>👇<br><a href="https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.blog/security/sign-in-a</span><span class="invisible">s-anyone-bypassing-saml-sso-authentication-with-parser-differentials/</span></a></p><p><a href="https://infosec.exchange/tags/Cyberveille" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberveille</span></a><br><a href="https://infosec.exchange/tags/vulnerabilite" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilite</span></a><br><a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a><br><a href="https://infosec.exchange/tags/GitLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitLab</span></a><br><a href="https://infosec.exchange/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <br><a href="https://infosec.exchange/tags/CVE_2025_25291" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_25291</span></a><br><a href="https://infosec.exchange/tags/CVE_2025_25292" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE_2025_25292</span></a></p>
Frehi<p>If you run <a href="https://fosstodon.org/tags/gitlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gitlab</span></a> with <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> authentication, you better upgrade as soon as possible</p><p><a href="https://about.gitlab.com/releases/2025/03/12/patch-release-gitlab-17-9-2-released/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">about.gitlab.com/releases/2025</span><span class="invisible">/03/12/patch-release-gitlab-17-9-2-released/</span></a></p><p><a href="https://fosstodon.org/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
Worteks<p>🎙️ Nous avons eu le plaisir de participer aujourd'hui à l'enregistrement d'un épisode du Podcast "Tout est sous CTRL" produit par nos amis de Centreon.</p><p>Interviewé par Vincent Untz , <span class="h-card" translate="no"><a href="https://framapiaf.org/@clementoudot" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>clementoudot</span></a></span> est venu parler de gestion des identités et des accès (IAM), d'authentification mutli-facteurs (2FA/MFA) et de PasswordLess, mais surtout d'Open Source !</p><p><span class="h-card" translate="no"><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ow2</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@opensource_experts" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>opensource_experts</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@fsfe" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fsfe</span></a></span> </p><p><a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a> <a href="https://mastodon.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>2FA</span></a> <a href="https://mastodon.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MFA</span></a> <a href="https://mastodon.social/tags/PasswordLess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PasswordLess</span></a> <a href="https://mastodon.social/tags/IGA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IGA</span></a> <a href="https://mastodon.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LDAP</span></a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://mastodon.social/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSSO</span></a> <a href="https://mastodon.social/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://mastodon.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a></p>
hikari<p>USSO is a third-party cookie-based SSO (for now), built to work across multiple domains and businesses. It has been in development for over a year by Mahdi Kiani.</p><p>Right now, it's written in Python, but a Go rewrite is coming soon. After the rewrite, OAuth, SAML, and other authentication methods will be added.</p><p>For now, USSO doesn’t have a frontend to manage all SSO operations, but everything is available through an API.</p><p>A couple of microservices also work with USSO:</p><p>A global S3-based file manager</p><p>UFAAS, a Function-as-a-Service platform, optimized for Iran</p><p>UFAAS currently only supports IRT/IRR currencies and integrates with Iranian payment gateways, but accounts can also be manually charged.</p><p>A Rust module for USSO has also been released, making it easier to integrate with Rust-based applications. Additionally, I've recently joined the development team.</p><p>USSO is planned to be used on Parch Linux, and detailed deployment documentation will be written for all major platforms, including cloud, Docker, Kubernetes, and Jails.</p><p>Mahdi Kiani on X: <a href="https://x.com/mahdikiani" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">x.com/mahdikiani</span><span class="invisible"></span></a><br>Project GitHub: <a href="https://github.com/ussoio" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/ussoio</span><span class="invisible"></span></a><br>The File Manager: <a href="https://github.com/ufilesorg" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/ufilesorg</span><span class="invisible"></span></a><br>FaaS: <a href="https://github.com/ufaasio" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/ufaasio</span><span class="invisible"></span></a><br>profile manager based on usso: <a href="https://github.com/uprofile" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/uprofile</span><span class="invisible"></span></a><br>rustcrate: <a href="https://crates.io/crates/usso" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">crates.io/crates/usso</span><span class="invisible"></span></a></p><p><a href="https://mastodon.bsd.cafe/tags/USSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USSO</span></a> <a href="https://mastodon.bsd.cafe/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://mastodon.bsd.cafe/tags/OAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAuth</span></a> <a href="https://mastodon.bsd.cafe/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://mastodon.bsd.cafe/tags/FaaS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FaaS</span></a> <a href="https://mastodon.bsd.cafe/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rust</span></a> <a href="https://mastodon.bsd.cafe/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> <a href="https://mastodon.bsd.cafe/tags/Go" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Go</span></a> <a href="https://mastodon.bsd.cafe/tags/ParchLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ParchLinux</span></a> <a href="https://mastodon.bsd.cafe/tags/Cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloud</span></a> <a href="https://mastodon.bsd.cafe/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> <a href="https://mastodon.bsd.cafe/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kubernetes</span></a> <a href="https://mastodon.bsd.cafe/tags/Microservices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Microservices</span></a> <a href="https://mastodon.bsd.cafe/tags/FileManager" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FileManager</span></a> <a href="https://mastodon.bsd.cafe/tags/UFAAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UFAAS</span></a> <a href="https://mastodon.bsd.cafe/tags/TechDevelopment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechDevelopment</span></a> <a href="https://mastodon.bsd.cafe/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a></p>
LemonLDAP::NG<p>✨ LemonLDAP::NG 2.20.2 has been released!</p><p>🔗 <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-20-2-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">projects.ow2.org/view/lemonlda</span><span class="invisible">p-ng/lemonldap-ng-2-20-2-is-out/</span></a></p><p>⚠ This version includes some security fixes</p><p><a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lemonldap</span></a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lemonldapng</span></a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAS</span></a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeSoftware</span></a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Perl</span></a></p><p><span class="h-card" translate="no"><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ow2</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@PerlRakuFoundation" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>PerlRakuFoundation</span></a></span> <span class="h-card" translate="no"><a href="https://chirp.social/@Perl" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Perl</span></a></span></p>
Kushal Das :python: :tor:<p>One day I will learn enough about <a href="https://toots.dgplug.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a></p>
Neustradamus :xmpp: :linux:<p><a href="https://mastodon.social/tags/LemonLDAPNG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LemonLDAPNG</span></a> 2.16.4 (<a href="https://mastodon.social/tags/LTS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LTS</span></a>) has been released (<a href="https://mastodon.social/tags/LemonLDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LemonLDAP</span></a> / <a href="https://mastodon.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LDAP</span></a> / <a href="https://mastodon.social/tags/LightweightDirectoryAccessProtocol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LightweightDirectoryAccessProtocol</span></a> / <a href="https://mastodon.social/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSSO</span></a> / <a href="https://mastodon.social/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleSignOn</span></a> / <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> / <a href="https://mastodon.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a> / <a href="https://mastodon.social/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAS</span></a> / <a href="https://mastodon.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAuth</span></a> / <a href="https://mastodon.social/tags/OpenID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenID</span></a> / <a href="https://mastodon.social/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a> / <a href="https://mastodon.social/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> / <a href="https://mastodon.social/tags/SOAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SOAP</span></a>) <a href="https://lemonldap-ng.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">lemonldap-ng.org/</span><span class="invisible"></span></a></p>
Neustradamus :xmpp: :linux:<p><a href="https://mastodon.social/tags/LemonLDAPNG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LemonLDAPNG</span></a> 2.20.1 has been released (<a href="https://mastodon.social/tags/LemonLDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LemonLDAP</span></a> / <a href="https://mastodon.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LDAP</span></a> / <a href="https://mastodon.social/tags/LightweightDirectoryAccessProtocol" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LightweightDirectoryAccessProtocol</span></a> / <a href="https://mastodon.social/tags/WebSSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WebSSO</span></a> / <a href="https://mastodon.social/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SingleSignOn</span></a> / <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> / <a href="https://mastodon.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a> / <a href="https://mastodon.social/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAS</span></a> / <a href="https://mastodon.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OAuth</span></a> / <a href="https://mastodon.social/tags/OpenID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenID</span></a> / <a href="https://mastodon.social/tags/REST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>REST</span></a> / <a href="https://mastodon.social/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> / <a href="https://mastodon.social/tags/SOAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SOAP</span></a>) <a href="https://lemonldap-ng.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">lemonldap-ng.org/</span><span class="invisible"></span></a></p>
bertrand 🏃 👨💻 🎸<p><span class="h-card" translate="no"><a href="https://toot.berlin/@blindcoder" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>blindcoder</span></a></span> agreed! I'll tell my 2005 self right away! ... Oh wait... <br><a href="https://piaille.fr/tags/saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>saml</span></a> <a href="https://piaille.fr/tags/saml2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>saml2</span></a> <a href="https://piaille.fr/tags/idm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>idm</span></a> <a href="https://piaille.fr/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a></p>
Benjamin<p>Could we please, please, PLEASE agree on /.well-known/saml/metadata.xml ? Yes?</p><p><a href="https://toot.berlin/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://toot.berlin/tags/SAML2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML2</span></a> <a href="https://toot.berlin/tags/IDM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IDM</span></a> <a href="https://toot.berlin/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a></p>
Silke Meyer<p>In Eurem UCS läuft nach der Keycloak-Anbindung die Portal-Session ständig ab? Jeder Client kann in Keycloak eine eigene Session Lifetime haben, unabhängig von den globalen Token Lifetime im Realm.</p><p>So stellt Ihr 10 Stunden ein:</p><p>univention-keycloak saml/sp update <a href="https://portal.example.org/univention/saml/metadata" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">portal.example.org/univention/</span><span class="invisible">saml/metadata</span></a> '{"attributes": {"saml.assertion.lifespan": "36000"}}'</p><p>In der Oberfläche: Clients -> Portal -> Reiter "Erweitert" -> Runterscrollen -> "Assertion Lifespan".</p><p><a href="https://univention.social/tags/UCS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UCS</span></a> <a href="https://univention.social/tags/UCSschool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UCSschool</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/nubus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nubus</span></a> <a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a></p>
LemonLDAP::NG<p>✨ LemonLDAP::NG 2.20.1 has been released!</p><p>🔗 <a href="https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-20-1-is-out/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">projects.ow2.org/view/lemonlda</span><span class="invisible">p-ng/lemonldap-ng-2-20-1-is-out/</span></a></p><p>⚠ This version includes some security fixes</p><p><a href="https://fosstodon.org/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IAM</span></a> <a href="https://fosstodon.org/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://fosstodon.org/tags/lemonldap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lemonldap</span></a> <a href="https://fosstodon.org/tags/lemonldapng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lemonldapng</span></a> <a href="https://fosstodon.org/tags/CAS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CAS</span></a> <a href="https://fosstodon.org/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://fosstodon.org/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://fosstodon.org/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeSoftware</span></a> <a href="https://fosstodon.org/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Perl</span></a></p><p><span class="h-card" translate="no"><a href="https://fosstodon.org/@ow2" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ow2</span></a></span> @Perl</p>
Silke Meyer<p>At the last <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>univention</span></a></span> summit I gave an introduction to the Keycloak app in Nubus. You missed it? There is a blog post now:</p><p>Navigating the Keycloak Admin Console with Nubus: A Step-by-Step Introduction</p><p><a href="https://www.univention.com/blog-en/2024/10/navigating-the-keycloak-admin-console/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">univention.com/blog-en/2024/10</span><span class="invisible">/navigating-the-keycloak-admin-console/</span></a></p><p><a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/nubus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nubus</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>univention</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>saml</span></a></p>
Silke Meyer<p>Auf dem <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>univention</span></a></span> Summit hatte ich eine Einführung in die Bedienung der Keycloak-App auf Nubus gegeben. Das habe ich nun nochmal verbloggt, für alle, die es gerne nachlesen möchten:</p><p>Keycloak Admin Console mit Nubus: Der Einstieg leichtgemacht</p><p><a href="https://www.univention.de/blog-de/2024/10/keycloak-admin-console/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">univention.de/blog-de/2024/10/</span><span class="invisible">keycloak-admin-console/</span></a></p><p><a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/nubus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nubus</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>univention</span></a> <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>univention</span></a></span> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>saml</span></a></p>
pelzvieh<p>Das Sams, äh <a href="https://mastodon.flying-snail.de/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> lebt wieder: <a href="https://github.com/mastodon/mastodon/issues/32362" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mastodon/mastodon/i</span><span class="invisible">ssues/32362</span></a></p><p>Du musst die PEM-encoded values jetzt ganz normal multi-line mit magischen BEGIN und END-Zeilen schreiben.</p>
pelzvieh<p>Hm. Das Update hat meinen <a href="https://mastodon.flying-snail.de/tags/SAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SAML</span></a> <a href="https://mastodon.flying-snail.de/tags/Login" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Login</span></a> getötet 😞</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload