Avoid reusing an valid SAML assertion sent from IDP

Created on 9 January 2024, 12 months ago
Updated 11 January 2024, 12 months ago

Problem/Motivation

The Authentication Request and Assertion are sent via browser redirects so they pass through the user’s browser. This makes them easy to steal via techniques such as cross site scripting or malicious plugins.

Proposed resolution

OneTimeUse on the SAML Response will prevent an valid request and assertion from being reused.

πŸ“Œ Task
Status

Active

Version

4.0

Component

Code

Created by

πŸ‡¦πŸ‡ΊAustralia mingsong πŸ‡¦πŸ‡Ί

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024