datasealer error messages
rpaquin at wlu.ca
Fri Jan 29 18:40:51 UTC 2021
Thanks for clarifying that. Maybe save was the wrong word. Anyway is there a way to supress that error message? It's a real pain to see it when doing troubleshooting.
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: January 29, 2021 1:31 PM
To: Shib Users <users at shibboleth.net>
Subject: Re: datasealer error messages
On 1/29/21, 1:12 PM, "users on behalf of Rene Paquin" <users-bounces at shibboleth.net on behalf of rpaquin at wlu.ca> wrote:
> We do save the passwords for MFA authentication.
That's not how any MFA method I know of works. Saving the password is something you do to replay it to some other system, such as if you wanted to log into a directory as the user instead of with a service account.
> In that case what is the impact?
They won't be there any time the data is reloaded from a prior result, the system just drops it on the floor when it serializes the result that contained a PasswordPrincipal.
This isn't something that you just don't notice. If you don't notice, you're not using it and you shouldn't have told it to even save the password in the first place. If you needed it, it wouldn't have been working all along.
For Consortium Member technical support, see https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.shibboleth.net%2Fconfluence%2Fx%2FcoFAAg&data=04%7C01%7Crpaquin%40wlu.ca%7Ce3a55e00b10146a0f45d08d8c4840b26%7Cb45a5125b29846bc8b89ea5a7343fde8%7C1%7C0%7C637475418711073474%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=zYtKX1%2Bi7nTyNo1ZpgEo8efjThADOMKBtuEJl5ybz4Y%3D&reserved=0
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users