Project

General

Profile

Development #51

Check Assertion in AuthnResponse as mandated by the specification

Added by Benjamin Dauvergne almost 9 years ago. Updated over 3 years ago.

Status:
Nouveau
Priority:
Normal
Assignee:
-
Category:
SAMLv2
Target version:
Start date:
22 May 2010
Due date:
% Done:

0%

Patch proposed:
Planning:
No

Description

Currently we just loop over all assertion checking basic things like issuer and signatures.

There should be more assertion checking in the sense that the caller of lasso could juste ask the Login profile which assertion resulted in the SSO process successing.

The specification mandate that the received AuthnResponse must at least contain one assertion with an authentication statement from the targeted IdP. We should check this exactly. Then we should report through the assertion field the winning assertion.

History

#1 Updated by Benjamin Dauvergne almost 9 years ago

  • Tracker changed from Bug to Development

#2 Updated by Benjamin Dauvergne over 8 years ago

  • Target version changed from future to 2.3.1
  • Category set to SAMLv2

#3 Updated by Benjamin Dauvergne over 8 years ago

  • Target version changed from 2.3.1 to 2.4.0

#4 Updated by Benjamin Dauvergne almost 7 years ago

  • Assignee deleted (Benjamin Dauvergne)

#5 Updated by Benjamin Dauvergne over 3 years ago

  • Target version changed from 2.4.0 to future

Also available in: Atom PDF