We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#185 added support for a custom mapper supporting AWS. This mapper joins group names with a colon, :, character.
:
This code is potentially vulnerable to group name injection if any groups contain a : in their name.
To fix the mapper, throw an error or drop group names containing a :
uds-identity-config/src/plugin/src/main/java/com/defenseunicorns/uds/keycloak/plugin/CustomAWSSAMLGroupMapper.java
Lines 89 to 103 in fdd1738
The text was updated successfully, but these errors were encountered:
UnicornChance
Successfully merging a pull request may close this issue.
#185 added support for a custom mapper supporting AWS. This mapper joins group names with a colon,
:
, character.This code is potentially vulnerable to group name injection if any groups contain a
:
in their name.To fix the mapper, throw an error or drop group names containing a
:
uds-identity-config/src/plugin/src/main/java/com/defenseunicorns/uds/keycloak/plugin/CustomAWSSAMLGroupMapper.java
Lines 89 to 103 in fdd1738
The text was updated successfully, but these errors were encountered: