Comments (4)
Just to add, this was working without issue in 6.1 without the additional SAML configuration
from opencti.
Hello,
Here is the working configuration in our cloud env:
PROVIDERS__SAML__STRATEGY: "SamlStrategy"
PROVIDERS__SAML__CONFIG__LABEL: "Corporate login"
PROVIDERS__SAML__CONFIG__ISSUER: "opencti-filigran"
PROVIDERS__SAML__CONFIG__ENTRY_POINT: "https://login.microsoftonline.com/[REDACTED]/saml2"
PROVIDERS__SAML__CONFIG__SAML_CALLBACK_URL: "https://filigran.octi.filigran.io/auth/saml/callback"
PROVIDERS__SAML__CONFIG__DISABLE_REQUESTED_AUTHN_CONTEXT: "true"
PROVIDERS__SAML__CONFIG__CERT: "MIIC8DCCAdigAwIBAgIQfFMNtRPA5oxAfD5VLfjw9jANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQg[...]"
PROVIDERS__SAML__CONFIG__ACCOUNT_ATTRIBUTE: "http://schemas.microsoft.com/identity/claims/displayname"
PROVIDERS__SAML__CONFIG__FIRSTNAME_ATTRIBUTE: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
PROVIDERS__SAML__CONFIG__LASTNAME_ATTRIBUTE: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
from opencti.
I've tried adding the ACCOUNT/FIRSTNAME/LASTNAME ATTRIBUTE fields as per your config above - and tested with all combinations of WANT_AUTHN_RESPONSE_SIGNED and WANT_ASSERTIONS_SIGNED enabled/disabled.
Both -> "SAML assertion audience mismatch"
Just 'WANT_ASSERTIONS_SIGNED=false' -> "Invalid document signature"
Just 'WANT_AUTHN_RESPONSE_SIGNED=false' -> "SAML assertion audience mismatch"
Neither -> "Invalid document signature"
Not sure if there's anything different that needs to be configured on the Entra ID side - no errors/issues in the Entra ID logs and I can't see any configuration options for signing etc on that end.
Does adding a private key to the SAML config allow the response/assertion to be signed and remove the need for these additional parameters? If so is there any documentation for generating this private key?
from opencti.
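To tell the two failures above apart ("SAML assertion audience mismatch" versus "Invalid document signature") it helps to look at what the IdP actually returned. The following added example, which is not code from the OpenCTI project or from anyone in this thread, parses a SAML Response and reports the Audience values and whether the Response and/or the Assertion element carries an XML Signature. It uses a constructed sample response; the tenant value and signature contents are placeholders, and the audience is the ISSUER value from the configuration above.

```python
# Added example (not from OpenCTI or this issue): inspect a SAML Response for
# the two things the thread's errors complain about, the Audience restriction
# and which elements carry an XML signature. It does NOT verify signatures
# cryptographically; it only reports structure, which is enough to see why
# toggling WANT_AUTHN_RESPONSE_SIGNED / WANT_ASSERTIONS_SIGNED changes the error.
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def inspect_saml_response(xml_text: str, expected_audience: str) -> dict:
    """Return the audiences found, whether one matches the SP entity ID
    (OpenCTI's PROVIDERS__SAML__CONFIG__ISSUER), and which elements are signed."""
    root = ET.fromstring(xml_text)
    assertion = root.find("saml:Assertion", NS)
    audiences = [
        a.text.strip()
        for a in root.iterfind(".//saml:AudienceRestriction/saml:Audience", NS)
        if a.text
    ]
    # A ds:Signature that is a direct child of Response signs the whole
    # response; one that is a direct child of Assertion signs the assertion only.
    response_signed = root.find("ds:Signature", NS) is not None
    assertion_signed = assertion is not None and assertion.find("ds:Signature", NS) is not None
    return {
        "audiences": audiences,
        "audience_ok": expected_audience in audiences,
        "response_signed": response_signed,
        "assertion_signed": assertion_signed,
    }


# Constructed sample: assertion signed, response itself unsigned, audience set
# to the ISSUER value used in the configuration posted in this thread.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1" Version="2.0">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Issuer>https://sts.windows.net/TENANT-PLACEHOLDER/</saml:Issuer>
    <ds:Signature><ds:SignedInfo/><ds:SignatureValue>PLACEHOLDER</ds:SignatureValue></ds:Signature>
    <saml:Conditions>
      <saml:AudienceRestriction><saml:Audience>opencti-filigran</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    print(inspect_saml_response(SAMPLE, "opencti-filigran"))
```

If `audience_ok` is false, the Audience the IdP sends must equal the ISSUER configured on the OpenCTI side; if only `assertion_signed` is true, requiring a signed Response (WANT_AUTHN_RESPONSE_SIGNED) will fail even though the assertion is valid.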
@pierremahot @sbocahu did we change anything in our instances for the Microsoft Entra SAML2 configuration following the library upgrade?
from opencti.