SX Spring Security Extension
  1. SX Spring Security Extension
  2. SES-120

Signed response doesn't satisfy wantAssertionSigned

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Complete
    • Affects Version/s: saml-1.0.0.RC1
    • Fix Version/s: saml-1.0.0
    • Component/s: saml
    • Security Level: Public
    • Labels:
      None

      Description

      Signing the response object still requires the assertion itself to be signed when wantAssertionSigned is set to true in metadata. This should be changed so that the response signature is sufficient.

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Vladimir Schäfer
            Reporter:
            Vladimir Schäfer
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: