Hello!
I need to make an assessment of a solution using SAML 2.0 for token
exchange and Single Sign On.
The solution is built upon PicketLink from RedHat.
Which SAML security considerations should I verify?
Do you have some stuff beyond the SAML specification?
I know this paper from OASIS Project.
http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf
Thanks.