This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
SAML SSO broken on Synapse 1.27 #9430
Assignees
Labels
S-Major
Major functionality / product severely impaired, no satisfactory workaround.
Comments
callahad
added
P1
S-Major
|
This is a docs-only fix, yes? |
|
I vote that yes, we fix this through updating the docs and letting people know about it, though there's an alternative approach where we roll back #9289 and attempt a more orderly deprecation. |
|
So this essentially has the same behavior as the OIDC code where we have to jump from one callback URL to another in one go? I think fixing up the docs and removing the old URL sounds OK. At least than OIDC and SAML were done in the same release. |
|
I backported the docs changes to the v1.27.0 branch so that they will appear properly when people check the upgrade doc / changelog, see d804285. (This was also merged to |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The 1.27 upgrade notes claim:
In fact, as part of the SAML2 request, the expected callback URI is sent to the SAML2 IdP, which will check that it matches what is expected and fail if not.
Hence, upgrading to Synapse 1.27 will break login for anyone using SAML :/.
The text was updated successfully, but these errors were encountered: