You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by "Francesco Chicchiriccò (JIRA)" <ji...@apache.org> on 2017/08/03 09:12:02 UTC

[jira] [Created] (SYNCOPE-1185) Further validate SAML responses with CXF's SAMLSSOResponseValidator

Francesco Chicchiriccò created SYNCOPE-1185:
-----------------------------------------------

             Summary: Further validate SAML responses with CXF's SAMLSSOResponseValidator
                 Key: SYNCOPE-1185
                 URL: https://issues.apache.org/jira/browse/SYNCOPE-1185
             Project: Syncope
          Issue Type: Improvement
          Components: extensions
            Reporter: Francesco Chicchiriccò
            Assignee: Francesco Chicchiriccò
             Fix For: 2.0.5, 2.1.0


At the moment, the SAML response is only validated via [SAMLProtocolResponseValidator|https://github.com/apache/cxf/blob/3.1.x-fixes/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java], but CXF also offers [SAMLSSOResponseValidator|https://github.com/apache/cxf/blob/3.1.x-fixes/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java], providing further checks.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)