Collaborate Disseminate
For SAML 1.1 the TARGET query parameter set in the initial request for the intersite transfer service, is used by the assertion consumer service to redirect the user to the protected resource once the assertions have been val… Continue reading SAML 2.0 – Target resource [migrated]
I am integrating into a legacy SAML 1.1 application and I am trying to determine if the query TARGET query parameter is required in the initial request for the intersite transfer service.
Reading the specs https://www.oasis-… Continue reading SAML 1.1 Target – Required or not [migrated]
My company runs a saas product; as we move into enterprise customers, we’re getting more and more requests for SSO.
I understand the SAML workflow for authentication, and roughly how we’d implement it. I also get that we co… Continue reading SAML – when creating new users, how do I get essential fields?
My company’s has given a corporate membership to Udemy, which is accessible from company’s laptop only.
I tried to look into it and it uses SAML. If I open my company’s Udemy website on any other laptop, it redirects to an I… Continue reading Fool SAML authentication
I’m testing a web application which uses SAML SSO. SAML Response has signature and it is verified correctly if data is tampered. But I noticed that when signature is removed completely authentication to SP succeeds. In general, it’s clear… Continue reading Attack vectors with encrypted SAML assertion response
I have an application that needs to send data from a server to a browser. This data is then used to automatically populate a form on a page in the browser. The data contains some sensitive information and I’m worried that the… Continue reading Sending private data to a browser
I have an application that needs to send data from a server to a browser. This data is then used to automatically populate a form on a page in the browser. The data contains some sensitive information and I’m worried that the… Continue reading Sending private data to a browser
I am having a hard time figuring out how to setup SP Initiated SSO using Centrify as an IDP. I already have an app setup using SAML but I am trying to accomplish the task of not being logged on to the IDP (Centrify portal) an… Continue reading SP Initiated SSO
We are implementing Fedrated SSO provider in our company. Just getting difficulty to see how we can inform relying parties if logged in user’s claims revoked to further access the relying party while his sso session is alread… Continue reading Signout/update relying parties when authenticated users claims revoked
We are using SAML Web Browser SSO Profile (SAML 2.0)
We have a SP using SAML2.0. All communication between IdP and SP is over HTTPs.
If AuthnResponse from IdP is sent over HTTPs, is it mandatory for the SP to validate the s… Continue reading Is signature validation mandatory if encrypted assertions are sent over HTTPs in SAML 2.0?