[jira] [Commented] (SYNCOPE-1185) Further validate SAML responses with CXF's SAMLSSOResponseValidator

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[jira] [Commented] (SYNCOPE-1185) Further validate SAML responses with CXF's SAMLSSOResponseValidator

JIRA jira@apache.org

    [ https://issues.apache.org/jira/browse/SYNCOPE-1185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112560#comment-16112560 ]

ASF subversion and git services commented on SYNCOPE-1185:
----------------------------------------------------------

Commit 4dcc0db48dfa1bf9231038d6b0837e2d21bef7a8 in syncope's branch refs/heads/2_0_X from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=4dcc0db ]

[SYNCOPE-1185] SAMLSSOResponseValidator in action


> Further validate SAML responses with CXF's SAMLSSOResponseValidator
> -------------------------------------------------------------------
>
>                 Key: SYNCOPE-1185
>                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1185
>             Project: Syncope
>          Issue Type: Improvement
>          Components: extensions
>            Reporter: Francesco Chicchiriccò
>            Assignee: Francesco Chicchiriccò
>              Labels: saml
>             Fix For: 2.0.5, 2.1.0
>
>
> At the moment, the SAML response is only validated via [SAMLProtocolResponseValidator|https://github.com/apache/cxf/blob/3.1.x-fixes/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java], but CXF also offers [SAMLSSOResponseValidator|https://github.com/apache/cxf/blob/3.1.x-fixes/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java], providing further checks.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Loading...