|
Wildfly SAML2 SP will allow a constrained HTTP request into the servlet even if the IDPs signature is invalid. Principal will be null though 
https://github.com/keycloak/keycloak/blob/master/testsuite/integration/src/test/java/org/keycloak/testsuite/saml/SamlSignedPostBindingTest.java
See method: testBadRealmSignature()
Let me know if you can't get to this. I'll look into it when I finish keycloak saml work.
|