d1afb845b1
fix shibboleth misconfigurations resulting in authentication bypass This merge request fixes #22267 where a misconfigured Shibboleth `HTTP_UID` or `HTTP_EPPN` could result in users being logged into an account that did not belong to them. See merge request !7428 |
||
---|---|---|
.. | ||
environments | ||
initializers | ||
locales | ||
routes | ||
application.rb | ||
aws.yml.example | ||
boot.rb | ||
database.yml.env | ||
database.yml.mysql | ||
database.yml.postgresql | ||
dependency_decisions.yml | ||
environment.rb | ||
gitlab.yml.example | ||
license_finder.yml | ||
mail_room.yml | ||
newrelic.yml | ||
no_todos_messages.yml | ||
resque.yml.example | ||
routes.rb | ||
secrets.yml.example | ||
sidekiq.yml.example | ||
sidekiq_queues.yml | ||
unicorn.rb.example | ||
unicorn.rb.example.development |