Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug page on SAML response when user access denied #118

Open
andreykhr opened this issue May 7, 2024 · 0 comments
Open

Bug page on SAML response when user access denied #118

andreykhr opened this issue May 7, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@andreykhr
Copy link

Description

We use Microsoft ADFS to use SAML flow. It's work well, but then I strict access by domain group, user without group after enter login/password redirected to structurizr with StatusCode urn:oasis:names:tc:SAML:2.0:status:RequestDenied

Structurizr down show user friendly page access denied,but show page with text Invalid status [urn:oasis:names:tc:SAML:2.0:status:Responder] for SAML response [_1f458d1b-65ad-471d-914d-164d08350f60]

see screenshot.

Could you add check for that status and show "User Friendly" page with text like "AccessDenied" or something...

Steps to reproduce

Switch structurizr to saml flow
Strict access by domain group
Try login to structurizr from user login without group

Screenshot

2024-05-07_17-46-51

Code sample

No response

Configuration

No response

Severity

Major

Priority

I have no budget and there's no rush, please fix this for free

More information

No response
@andreykhr andreykhr added the bug Something isn't working label May 7, 2024
@simonbrowndotje simonbrowndotje added enhancement New feature or request and removed bug Something isn't working labels May 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andreykhr @simonbrowndotje