onpremises Bug page on SAML response when user access denied

Bug page on SAML response when user access denied

Open andreykhr opened this issue 1 month ago • 0 comments

Description

We use Microsoft ADFS to use SAML flow. It's work well, but then I strict access by domain group, user without group after enter login/password redirected to structurizr with StatusCode urn:oasis:names:tc:SAML:2.0:status:RequestDenied

Structurizr down show user friendly page access denied,but show page with text Invalid status [urn:oasis:names:tc:SAML:2.0:status:Responder] for SAML response [_1f458d1b-65ad-471d-914d-164d08350f60]

see screenshot.

Could you add check for that status and show "User Friendly" page with text like "AccessDenied" or something...

Steps to reproduce

Switch structurizr to saml flow Strict access by domain group Try login to structurizr from user login without group

Screenshot

2024-05-07_17-46-51

Code sample

No response

Configuration

No response

Severity

Major

Priority

I have no budget and there's no rush, please fix this for free

More information

No response

May 07 '24 14:05 andreykhr

onpremises onpremises copied to clipboard

Bug page on SAML response when user access denied

Description

Steps to reproduce

Screenshot

Code sample

Configuration

Severity

Priority

More information

onpremises
onpremises copied to clipboard