Subversion Status
ChangeLog
| 14:15 | bdauvergne | rev 4938 | [Binding perl] fix broken distclean-local target The TOCOPY files need to be cleaned only for out of source directory builds. |
| 14:15 | bdauvergne | rev 4939 | [SAMLv2] simplify logic for handling AuthnResponse with binding HTTP-Post The logic is now simpler: - first lasso_saml20_profile_process_any_response check the signature on the message - then lasso_saml20_login_process_response_status_and_assertion traverse all the assertions: - if the message is signed all assertion from the same issuer are automatically accepted, - if the message is not signed, or the signature validation failed, or the assertion has a different issuer than the message, we check the signature directly on the assertion. If any of the assertions fails the signature check, the result will be LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE. The public field profile->signature_status will contain only the message level signature status, each assertion signature status is not accessible. That will change when signature and key handling is reworked. |
Copyright © 2004-2007 Entr'ouvert