Uploaded image for project: 'SR Platform'
  1. SR Platform
  2. SRPLAT-192

Switch User Scripts incompatible with specific implementations of certain SSO Providers

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Blocked
    • Priority: High
    • Resolution: Unresolved
    • Affects Version/s: 6.21.0
    • Fix Version/s: None
    • Component/s: Built-in Scripts
    • Labels:
    • Sprint:
      SR4J Sprint 84, SR4J Sprint 85, SR4J Sprint 107, SR4J Sprint 108, SR4J Sprint 109, SR4J Sprint 110
    • Critical Points:
      13.9

      Description

      The Switch User scripts in ScriptRunner can fail with various SSO providers. Known providers that have encountered problems include:

      • Layer7
      • Okta (specifically, their SAML connector)
      • JASIG CAS (which also uses SAML)
      • TechTime EasySSO

      Usually, this is because those providers overwrite the session variable that Switch User sets to determine the logged in user.

      It may be that any fix will be specific to the implementation of the SSO provider. At the very least, we need to document this issue so that users can be aware. We do know that the Switch User scripts can work with a variety of SSO providers, so this is likely an implementation detail in your SSO setup.

      Notes

      • F5 proxy is affected as well.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              twozniak Tomasz Wozniak
              Reporter:
              jcarter Jonny Carter
              Votes:
              2 Vote for this issue
              Watchers:
              16 Start watching this issue

                Dates

                Created:
                Updated: