mirror of https://github.com/apache/cloudstack.git
f0faa4a6b3
Adminstrators should ensure that IDP configuration has a signing certificate for the actual signature check to be performed. In addition to this, this change introduces a new global setting saml2.check.signature, with the default value of true, which can deliberately fail a SAML login attempt when the SAML response has a missing signature. Purges the SAML token upon handling the first SAML response. Authored-by: Rohit Yadav <rohit.yadav@shapeblue.com> Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> |
||
|---|---|---|
| .. | ||
| ldap | ||
| md5 | ||
| pbkdf2 | ||
| plain-text | ||
| saml2 | ||
| sha256salted | ||