-rw-r--r-- | config/config.json | 4 | ||||
-rw-r--r-- | model/config.go | 4 | ||||
-rw-r--r-- | webapp/components/admin_console/saml_settings.jsx | 4 | ||||
-rwxr-xr-x | webapp/i18n/en.json | 4 |
4 files changed, 8 insertions, 8 deletions
diff --git a/config/config.json b/config/config.json
index 44d1aae1c..3111d3831 100644
--- a/config/config.json
+++ b/config/config.json
@@ -221,8 +221,8 @@
 },
 "SamlSettings": {
 "Enable": false,
- "Verify": false,
- "Encrypt": false,
+ "Verify": true,
+ "Encrypt": true,
 "IdpUrl": "",
 "IdpDescriptorUrl": "",
 "AssertionConsumerServiceURL": "",
diff --git a/model/config.go b/model/config.go
index 7c87c05f0..9d651035b 100644
--- a/model/config.go
+++ b/model/config.go
@@ -1002,12 +1002,12 @@ func (o *Config) SetDefaults() {
 if o.SamlSettings.Verify == nil {
 o.SamlSettings.Verify = new(bool)
- *o.SamlSettings.Verify = false
+ *o.SamlSettings.Verify = true
 }
 if o.SamlSettings.Encrypt == nil {
 o.SamlSettings.Encrypt = new(bool)
- *o.SamlSettings.Encrypt = false
+ *o.SamlSettings.Encrypt = true
 }
 if o.SamlSettings.IdpUrl == nil {
diff --git a/webapp/components/admin_console/saml_settings.jsx b/webapp/components/admin_console/saml_settings.jsx
index 0754747d9..a02ab4a8a 100644
--- a/webapp/components/admin_console/saml_settings.jsx
+++ b/webapp/components/admin_console/saml_settings.jsx
@@ -368,7 +368,7 @@ export default class SamlSettings extends AdminSettings {
 helpText={
 <FormattedMessage
 id='admin.saml.verifyDescription'
- defaultMessage='When true, Mattermost verifies that the signature sent from the SAML Response matches the Service Provider Login URL'
+ defaultMessage='When false, Mattermost will not verify that the signature sent from a SAML Response matches the Service Provider Login URL. Not recommended for production environments. For testing only.'
 />
 }
 value={this.state.verify}
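Review bot: The new `true` defaults in the model/config.go hunk are assigned only when `o.SamlSettings.Verify` or `o.SamlSettings.Encrypt` is nil, so an installation whose config.json already carries the `"Verify": false` / `"Encrypt": false` values that config/config.json shipped until this commit keeps signature verification and assertion decryption off after upgrading. Nothing in the visible hunks surfaces that to the administrator; consider logging a warning at startup when SAML is enabled with either flag false, and add a comment above the assignments such as `// Secure by default; an explicit false in config.json is preserved and is meant for testing only.` With both defaults now true, a config that enables SAML but omits these keys will presumably need the certificate settings filled in, so the validation path should be checked for a clear error in that case. SetDefaults starts and ends outside the hunk.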
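Review bot: The rewritten `defaultMessage` for `admin.saml.verifyDescription` describes only the disabled state, so the help text under the toggle no longer says what the now-default `true` does; the same applies to `admin.saml.encryptDescription` in the hunk at line 405. Stating both states and the consequence would serve an administrator better, for example `When true, Mattermost verifies the signature on the SAML Response. When false, the signature is not checked, so an altered response would presumably be accepted. For testing only.` The same strings are duplicated in webapp/i18n/en.json, so any rewording has to be made in both files.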
@@ -405,7 +405,7 @@ export default class SamlSettings extends AdminSettings {
 helpText={
 <FormattedMessage
 id='admin.saml.encryptDescription'
- defaultMessage='When true, Mattermost will decrypt SAML Assertions encrypted with your Service Provider Public Certificate.'
+ defaultMessage='When false, Mattermost will not decrypt SAML Assertions encrypted with your Service Provider Public Certificate. Not recommended for production environments. For testing only.'
 />
 }
 value={this.state.encrypt}
diff --git a/webapp/i18n/en.json b/webapp/i18n/en.json
index e40aa647a..1ac5854ee 100755
--- a/webapp/i18n/en.json
+++ b/webapp/i18n/en.json
@@ -628,7 +628,7 @@
 "admin.saml.emailAttrTitle": "Email Attribute:",
 "admin.saml.enableDescription": "When true, Mattermost allows login using SAML. Please see <a href='http://docs.mattermost.com/deployment/sso-saml.html' target='_blank'>documentation</a> to learn more about configuring SAML for Mattermost.",
 "admin.saml.enableTitle": "Enable Login With SAML:",
- "admin.saml.encryptDescription": "When true, Mattermost will decrypt SAML Assertions encrypted with your Service Provider Public Certificate.",
+ "admin.saml.encryptDescription": "When false, Mattermost will not decrypt SAML Assertions encrypted with your Service Provider Public Certificate. Not recommended for production environments. For testing only.",
 "admin.saml.encryptTitle": "Enable Encryption:",
 "admin.saml.firstnameAttrDesc": "(Optional) The attribute in the SAML Assertion that will be used to populate the first name of users in Mattermost.",
 "admin.saml.firstnameAttrEx": "E.g.: \"FirstName\"",
@@ -673,7 +673,7 @@
 "admin.saml.usernameAttrDesc": "The attribute in the SAML Assertion that will be used to populate the username field in Mattermost.",
 "admin.saml.usernameAttrEx": "E.g.: \"Username\"",
 "admin.saml.usernameAttrTitle": "Username Attribute:",
- "admin.saml.verifyDescription": "When true, Mattermost verifies that the signature sent from the SAML Response matches the Service Provider Login URL",
+ "admin.saml.verifyDescription": "When false, Mattermost will not verify that the signature sent from a SAML Response matches the Service Provider Login URL. Not recommended for production environments. For testing only.",
 "admin.saml.verifyTitle": "Verify Signature:",
 "admin.save": "Save",
 "admin.saving": "Saving Config...", |