From 4f074fed0d653a28779ac586e418341232d43e95 Mon Sep 17 00:00:00 2001 From: Corey Hulen Date: Thu, 4 May 2017 11:11:28 -0700 Subject: PLT-6444 switching SAML props to default true (#6330) --- config/config.json | 4 ++-- model/config.go | 4 ++-- webapp/components/admin_console/saml_settings.jsx | 4 ++-- webapp/i18n/en.json | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/config/config.json b/config/config.json index 44d1aae1c..3111d3831 100644 --- a/config/config.json +++ b/config/config.json @@ -221,8 +221,8 @@ }, "SamlSettings": { "Enable": false, - "Verify": false, - "Encrypt": false, + "Verify": true, + "Encrypt": true, "IdpUrl": "", "IdpDescriptorUrl": "", "AssertionConsumerServiceURL": "", diff --git a/model/config.go b/model/config.go index 7c87c05f0..9d651035b 100644 --- a/model/config.go +++ b/model/config.go @@ -1002,12 +1002,12 @@ func (o *Config) SetDefaults() { if o.SamlSettings.Verify == nil { o.SamlSettings.Verify = new(bool) - *o.SamlSettings.Verify = false + *o.SamlSettings.Verify = true } if o.SamlSettings.Encrypt == nil { o.SamlSettings.Encrypt = new(bool) - *o.SamlSettings.Encrypt = false + *o.SamlSettings.Encrypt = true } if o.SamlSettings.IdpUrl == nil { diff --git a/webapp/components/admin_console/saml_settings.jsx b/webapp/components/admin_console/saml_settings.jsx index 0754747d9..a02ab4a8a 100644 --- a/webapp/components/admin_console/saml_settings.jsx +++ b/webapp/components/admin_console/saml_settings.jsx @@ -368,7 +368,7 @@ export default class SamlSettings extends AdminSettings { helpText={ } value={this.state.verify} @@ -405,7 +405,7 @@ export default class SamlSettings extends AdminSettings { helpText={ } value={this.state.encrypt} diff --git a/webapp/i18n/en.json b/webapp/i18n/en.json index e40aa647a..1ac5854ee 100755 --- a/webapp/i18n/en.json +++ b/webapp/i18n/en.json @@ -628,7 +628,7 @@ "admin.saml.emailAttrTitle": "Email Attribute:", "admin.saml.enableDescription": "When true, Mattermost allows login using SAML. Please see documentation to learn more about configuring SAML for Mattermost.", "admin.saml.enableTitle": "Enable Login With SAML:", - "admin.saml.encryptDescription": "When true, Mattermost will decrypt SAML Assertions encrypted with your Service Provider Public Certificate.", + "admin.saml.encryptDescription": "When false, Mattermost will not decrypt SAML Assertions encrypted with your Service Provider Public Certificate. Not recommended for production environments. For testing only.", "admin.saml.encryptTitle": "Enable Encryption:", "admin.saml.firstnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.", "admin.saml.firstnameAttrEx": "E.g.: \"FirstName\"", @@ -673,7 +673,7 @@ "admin.saml.usernameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the username field in Mattermost.", "admin.saml.usernameAttrEx": "E.g.: \"Username\"", "admin.saml.usernameAttrTitle": "Username Attribute:", - "admin.saml.verifyDescription": "When true, Mattermost verifies that the signature sent from the SAML Response matches the Service Provider Login URL", + "admin.saml.verifyDescription": "When false, Mattermost will not verify that the signature sent from a SAML Response matches the Service Provider Login URL. Not recommended for production environments. For testing only.", "admin.saml.verifyTitle": "Verify Signature:", "admin.save": "Save", "admin.saving": "Saving Config...", -- cgit v1.2.3-1-g7c22