Ticket #9 (new enhancement)

Opened 8 months ago

Add verification that AuthnResponse InReponseTo matches AuthnRequest ID if present

Reported by: bdauvergne Assigned to: fpeters
Priority: minor Milestone: later
Component: lasso Version: 2.2
Severity: spec nonconformance Keywords:
Cc:

Description

I cite the standard: Verify that the InResponseTo attribute in the bearer <SubjectConfirmationData> equals the ID of its original <AuthnRequest> message, unless the response is unsolicited (see Section 4.1.5 ), in which case the attribute MUST NOT be present.

Attachments

Add/Change #9 (Add verification that AuthnResponse InReponseTo matches AuthnRequest ID if present)




Change Properties
Action