djangosaml2idp
djangosaml2idp copied to clipboard
Cannot specify alternative IDP metadata sources
This change introduced model backed Service Providers.
This prevents the user from ever specifying a different SP metadata source (for example an MDQ server):
SAML_IDP_CONFIG = {
"metadata": {
"mdq": ["https://example.com/mdq/"],
},
}
If the IDP config object contains a metadata
key, then this should probably not be overriden.
Imagine to have more than 3000 SP, like in edugain federation, have you ever loaded thousands of metadata on each service start?
It could take more than a minute and a huge RAM usage. MDQ Is the smartest solution for request a fresh metadata on each occourrence. @mhindery why you should reduce the features of pysaml2?
The latest version that supports non-model based service providers is 0.6.
This is incompatible with the latest PySAML2 (a dependency of djangosaml2) so you need PySAML4.x:
djangosaml2idp<0.7
pysaml2<5
The latest version that supports non-model based service providers is 0.6.
This is incompatible with the latest PySAML2 (a dependency of djangosaml2) so you need PySAML4.x:
djangosaml2idp<0.7 pysaml2<5
Discouraged due to some important weakness in pysaml2<5.2