Removed attribute query from ADFS config

jorritfolmer · Apr 2, 2018 · 4f9ca87 · 4f9ca87
1 parent 69ce784
commit 4f9ca87
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 7 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 ### 3.10.1
 
 - Added SAML parameters to configure Search Head Clustering with ADFS
+- Removed attribute query from ADFS config
 
 ### 3.10.0
 

diff --git a/manifests/authentication.pp b/manifests/authentication.pp
@@ -36,10 +36,7 @@
       $auth_defaults = $splunk::params::auth
       case $auth['saml_idptype'] {
         'ADFS':     {
-          $idpattributequeryurl       = $auth['saml_idpurl']
-          $idpslourl                  = "${auth['saml_idpurl']}?wa=wsignout1.0"
-          $idpssourl                  = $auth['saml_idpurl']
-          # other parameters are set in the erb template
+          # parameters are set in the erb template
         }
         default:    {
           fail 'Unsupported Identity Provider' }

diff --git a/templates/puppet_common_auth_saml_base/local/authentication.conf b/templates/puppet_common_auth_saml_base/local/authentication.conf
@@ -5,8 +5,6 @@ authType = SAML
 authSettings = saml_settings
 
 [saml_settings]
-attributeQuerySoapPassword = unimportant
-attributeQuerySoapUsername = unimportant
 <% if @auth['saml_entityid'].nil? -%>
 entityId = <%= @fqdn %>
 <% else -%>
@@ -15,7 +13,6 @@ entityId = <%= @auth['saml_entityid'] %>
 <% if not @auth['saml_fqdn'].nil? -%>
 fqdn = <%= @auth['saml_fqdn'] %>
 <% end -%>
-idpAttributeQueryUrl = <%= @idpattributequeryurl %>
 idpCertPath = <%= @splunk_home %>/etc/auth/idpCerts
 idpSLOUrl = <%= @idpslourl %>
 idpSSOUrl = <%= @idpssourl %>