Avoid reusing a valid SAML assertion sent from IDP

Created on 9 January 2024, 11 months ago
Updated 11 January 2024, 11 months ago

Problem/Motivation

The Authentication Request and Assertion are sent via browser redirects, so they pass through the user's browser. This makes them easy to steal via techniques such as cross-site scripting or malicious plugins.

Proposed resolution

OneTimeUse on the SAML Response will prevent a valid request and assertion from being reused.

Type: Task
Status: Active
Version: 4.0
Component: Code
Created by: mingsong (Australia)
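What the service provider side of this proposal has to do, as an added example that is not code from the SAML module this issue concerns nor from the issue author: parse the assertion's Conditions, enforce the NotBefore/NotOnOrAfter window with a clock-skew allowance, and keep a replay cache of assertion IDs so that a second presentation of the same assertion (the stolen copy) is rejected. The SAML Web Browser SSO profile already expects an SP to track bearer-assertion IDs for their validity period; the OneTimeUse element makes that requirement explicit and additionally forbids caching the assertion for later reuse. The sample assertion is constructed and unsigned, the names (ReplayCache, consume_assertion, CLOCK_SKEW) are this example's own, and XML signature verification is assumed to have happened before this code runs. Written in Python rather than the module's PHP so it can be run stand-alone.

```python
"""Enforce single use of a SAML 2.0 assertion on the SP side.

Added example, not code from the module or the issue author. Assumes the
assertion's signature has already been verified; only the Conditions check
and the replay cache that OneTimeUse calls for are shown here.
"""
from datetime import datetime
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ASSERTION_TAG = "{%s}Assertion" % NS["saml"]
CLOCK_SKEW = 60  # seconds of tolerance between IdP and SP clocks (assumed value)

# Constructed sample assertion for illustration only (no signature, fake IDs).
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_a1b2c3" IssueInstant="2024-01-09T10:00:00Z" Version="2.0">
  <saml:Issuer>https://idp.example.org</saml:Issuer>
  <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-09T09:59:00Z" NotOnOrAfter="2024-01-09T10:05:00Z">
    <saml:OneTimeUse/>
  </saml:Conditions>
</saml:Assertion>"""


def parse_ts(value):
    """SAML timestamps are ISO 8601 in UTC with a trailing Z; return unix seconds."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")).timestamp()


class ReplayCache:
    """Remembers assertion IDs until the assertion would have expired anyway.

    In production this must be shared across web nodes (database or cache
    backend), otherwise a replay against a different node succeeds.
    """

    def __init__(self):
        self._seen = {}  # assertion ID -> expiry (unix seconds)

    def _purge(self, now):
        self._seen = {k: v for k, v in self._seen.items() if v > now}

    def check_and_record(self, assertion_id, expires_at, now):
        """Return True on first sight of the ID, False if it was already used."""
        self._purge(now)
        if assertion_id in self._seen:
            return False
        self._seen[assertion_id] = expires_at
        return True


def consume_assertion(xml_text, cache, now):
    """Validate the Conditions element and enforce single use of the assertion.

    Returns a dict with 'ok' and either 'subject' (on success) or 'reason'.
    """
    root = ET.fromstring(xml_text)
    if root.tag != ASSERTION_TAG:
        return {"ok": False, "reason": "not a saml:Assertion"}
    assertion_id = root.get("ID")
    conds = root.find("saml:Conditions", NS)
    if not assertion_id or conds is None:
        return {"ok": False, "reason": "missing ID or Conditions"}

    not_before = conds.get("NotBefore")
    not_on_or_after = conds.get("NotOnOrAfter")
    if not_on_or_after is None:
        return {"ok": False, "reason": "missing NotOnOrAfter"}
    expires = parse_ts(not_on_or_after) + CLOCK_SKEW
    if not_before is not None and now < parse_ts(not_before) - CLOCK_SKEW:
        return {"ok": False, "reason": "assertion not yet valid"}
    if now >= expires:
        return {"ok": False, "reason": "assertion expired"}

    one_time_use = conds.find("saml:OneTimeUse", NS) is not None
    # Replay check: a bearer assertion is accepted at most once. The ID is kept
    # only until 'expires', after which the validity check rejects it anyway,
    # so the cache stays bounded.
    if not cache.check_and_record(assertion_id, expires, now):
        return {"ok": False, "reason": "replayed assertion %s" % assertion_id}

    subject = root.findtext("saml:Subject/saml:NameID", namespaces=NS)
    return {"ok": True, "subject": subject, "one_time_use": one_time_use}


def demo():
    """First delivery succeeds; the same assertion replayed 30 s later is refused."""
    cache = ReplayCache()
    now = parse_ts("2024-01-09T10:01:00Z")
    first = consume_assertion(SAMPLE_ASSERTION, cache, now)
    second = consume_assertion(SAMPLE_ASSERTION, cache, now + 30)  # stolen copy
    return first, second


if __name__ == "__main__":
    print(demo())
```

Two points the check depends on: the cache must be shared by every web node that terminates SAML logins, and the expiry stored in it must not be shorter than the validity window the SP itself accepts, or an assertion could be replayed in the gap.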
