Policy wasn't receiving access to HTTP request so as to check Recipient values in assertions.

Basics

Technical

Logistics

Basics

Technical

Logistics

Description

The SAML 2 profile handler wasn't checking the subject confirmation's Recipient attribute because of an error in the policy evaluation step. Audience was still checked, and a separate bug prevented unsigned responses from working properly anyway, so there's little or no security impact at this point.

Environment

None

Activity

Scott Cantor June 23, 2009 at 12:47 PM

Closing after releases.

Scott Cantor April 20, 2009 at 2:17 PM

http://svn.middleware.georgetown.edu/view/cpp-sp?view=rev&revision=2977

Resize issue view side panel

Fixed

Assignee

Scott Cantor

Reporter

Scott Cantor

Created April 20, 2009 at 2:17 PM

Updated June 23, 2009 at 12:47 PM

Resolved April 20, 2009 at 2:17 PM

Policy wasn't receiving access to HTTP request so as to check Recipient values in assertions.

Description

Environment

Activity

Scott Cantor June 23, 2009 at 12:47 PM

Scott Cantor April 20, 2009 at 2:17 PM

Details

Assignee

Reporter

Components

Fix versions

Affects versions