Skip to content

Fix SAML private attributes predicate #134220

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 5, 2025
Merged

Fix SAML private attributes predicate #134220

merged 3 commits into from
Sep 5, 2025

Conversation

slobodanadamovic
Copy link
Contributor

@slobodanadamovic slobodanadamovic commented Sep 5, 2025
edited
Loading

The way predicate was constructed could result in a NullPointerException
when name or friendlyName is null. This is because the contains
method of ImmutableCollections does not accept nulls.

This PR fixes this and adds more test coverage for these edge cases.

Technically it's a bug, but marking this as >non-issue because PR,
that introduced the private attributes, is not released yet.

@slobodanadamovic
Fix SAML private attributes predicate
3b0cd57 
The way predicate was constructed could result in a `NullPointerException`
when `name` or `friendlyName` are null.

This is because the `contains` method of `ImmutableCollections` does not
accept nulls.

This PR fixes this and adds more test coverage for these cases.
@slobodanadamovic slobodanadamovic self-assigned this Sep 5, 2025
@slobodanadamovic slobodanadamovic added >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team labels Sep 5, 2025
@slobodanadamovic slobodanadamovic marked this pull request as ready for review September 5, 2025 13:36
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@slobodanadamovic slobodanadamovic merged commit 2149f15 into elastic:main Sep 5, 2025
39 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ankit--sethi ankit--sethi ankit--sethi approved these changes

@tvernum tvernum Awaiting requested review from tvernum

Assignees

@slobodanadamovic slobodanadamovic

Labels

>non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v9.2.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@slobodanadamovic @elasticsearchmachine @ankit--sethi