Development #51

Check Assertion in AuthnResponse as mandated by the specification

Added by Benjamin Dauvergne over 12 years ago. Updated over 7 years ago.

Status: New
Priority: Normal
Assignee: -
Category: SAMLv2
Target version:
Start date: 22 May 2010
Due date:
% Done: 0%
Estimated time:
Patch proposed:
Planning:

Description

Currently we just loop over all assertions, checking basic things like issuer and signatures.

There should be more assertion checking, in the sense that the caller of lasso could just ask the Login profile which assertion resulted in the SSO process succeeding.

The specification mandates that the received AuthnResponse must at least contain one assertion with an authentication statement from the targeted IdP. We should check this exactly. Then we should report through the assertion field the winning assertion.
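The selection rule requested above, sketched as an added example; it is not part of the ticket and not lasso code. The function name `winning_assertion`, the entityIDs and the minimal sample response are constructed for illustration, and signature validation is assumed to have been done already by the existing checks.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed, minimal sample: three assertions, only "_a3" is both issued
# by the targeted IdP and carries an AuthnStatement.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">
  <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Issuer>https://other.example.test/metadata</saml:Issuer>
    <saml:AuthnStatement AuthnInstant="2010-05-22T10:00:00Z"/>
  </saml:Assertion>
  <saml:Assertion ID="_a2" Version="2.0">
    <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
    <saml:AttributeStatement/>
  </saml:Assertion>
  <saml:Assertion ID="_a3" Version="2.0">
    <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
    <saml:AuthnStatement AuthnInstant="2010-05-22T10:00:05Z"/>
  </saml:Assertion>
</samlp:Response>"""


def winning_assertion(response_xml, expected_idp):
    """Return the first assertion issued by expected_idp that contains an
    AuthnStatement, or None when the response has no such assertion."""
    root = ET.fromstring(response_xml)
    # Only direct children of the Response are considered, so an assertion
    # nested somewhere else in the document can never be selected.
    for assertion in root.findall("saml:Assertion", NS):
        issuer = assertion.findtext("saml:Issuer", default="", namespaces=NS)
        if issuer.strip() != expected_idp:
            continue  # issued by someone other than the targeted IdP
        if assertion.find("saml:AuthnStatement", NS) is None:
            continue  # right issuer, but no authentication statement
        return assertion
    return None  # caller must treat this as a failed SSO


if __name__ == "__main__":
    chosen = winning_assertion(SAMPLE, "https://idp.example.test/metadata")
    print("winning assertion:", None if chosen is None else chosen.get("ID"))
```

A `None` result corresponds to the case where the response must be rejected; the returned element is what would be reported through the assertion field.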

History

#1

Updated by Benjamin Dauvergne over 12 years ago

  • Tracker changed from Bug to Development
#2

Updated by Benjamin Dauvergne over 12 years ago

  • Category set to SAMLv2
  • Target version changed from future to 2.3.1
#3

Updated by Benjamin Dauvergne about 12 years ago

  • Target version changed from 2.3.1 to 2.4.0
#4

Updated by Benjamin Dauvergne over 10 years ago

  • Assignee deleted (Benjamin Dauvergne)
#5

Updated by Benjamin Dauvergne over 7 years ago

  • Target version changed from 2.4.0 to future
