Development #51
Check Assertion in AuthnResponse as mandated by the specification
Début:
22 mai 2010
Echéance:
% réalisé:
0%
Temps estimé:
Patch proposed:
Planning:
Description
Currently we just loop over all assertion checking basic things like issuer and signatures.
There should be more assertion checking in the sense that the caller of lasso could juste ask the Login profile which assertion resulted in the SSO process successing.
The specification mandate that the received AuthnResponse must at least contain one assertion with an authentication statement from the targeted IdP. We should check this exactly. Then we should report through the assertion field the winning assertion.
Historique
Mis à jour par Benjamin Dauvergne il y a plus de 13 ans
- Catégorie mis à SAMLv2
- Version cible changé de future à 2.3.1