[keycloak-dev] SAML IDP defaults

Bill Burke bburke at redhat.com
Fri Nov 7 09:01:56 EST 2014


The way SAML is architected, if the SP accepts unverifiable requests, 
then anybody can spoof the IDP, and there really is no security.

On 11/7/2014 8:37 AM, Pedro Igor Silva wrote:
> I'm not sure Bill. There are a number of different use cases, people should choose what they want. Not sure if it is a good thing to force users to always use signatures.
>
> If you want to provide a good interoperability with others implementations, better to keep these options.
>
> I understand your point, but I don't think this would be appealing to your community (and users from PL and other vendors).
>
> Maybe you can just organize better that UI in order to make it more simple and avoid user mistakes.
>
> ----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org, "Pedro Igor Silva" <psilva at redhat.com>
> Sent: Wednesday, November 5, 2014 12:25:10 PM
> Subject: SAML IDP defaults
>
> I think there are too many configuration options for Keycloak SAML IDP
> support.  Don't you think it is safe to require that
>
> 1) IDP always signs SAML documents
> 2) Require SP to also always sign documents
>
> #1 should definitely be a default and unchangeable.  Can't the SP just
> ignore it anyways?  Not sure about #2.
>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
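The point in the reply above (an SP that accepts unverifiable responses lets anyone impersonate the IDP) as an added, runnable example. This is not code from the thread or from Keycloak: it is a deliberately simplified model in Go where the "SAML Response" is a struct and the signature is RSA-PKCS1v15/SHA-256 over the raw assertion bytes rather than XML-DSig over canonicalised XML. The issuer URL, the sample assertions and the `RequireSignature` switch are assumptions made for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Response is a simplified stand-in for a SAML Response. Real SAML signs
// with XML-DSig; here the signature is over the raw assertion bytes.
type Response struct {
	Issuer    string // who the response claims to be from
	Assertion []byte // constructed sample payload
	Signature []byte // nil when the sender did not sign
}

// IDP holds the identity provider's signing key.
type IDP struct {
	Issuer string
	Key    *rsa.PrivateKey
}

// Issue builds a response; sign=false models an IDP configured not to sign.
func (i *IDP) Issue(assertion []byte, sign bool) (*Response, error) {
	r := &Response{Issuer: i.Issuer, Assertion: assertion}
	if sign {
		digest := sha256.Sum256(assertion)
		sig, err := rsa.SignPKCS1v15(rand.Reader, i.Key, crypto.SHA256, digest[:])
		if err != nil {
			return nil, err
		}
		r.Signature = sig
	}
	return r, nil
}

// SP is the service provider. RequireSignature is the switch under
// discussion: with it off, the SP takes the Issuer field on trust.
type SP struct {
	TrustedIssuer    string
	TrustedIDPKey    *rsa.PublicKey
	RequireSignature bool
}

var (
	ErrUnknownIssuer = errors.New("issuer is not the configured IDP")
	ErrUnsigned      = errors.New("response is unsigned and SP requires a signature")
	ErrBadSignature  = errors.New("signature does not verify with the trusted IDP key")
)

// Accept returns the assertion if the SP is willing to trust the response.
func (s *SP) Accept(r *Response) ([]byte, error) {
	if r.Issuer != s.TrustedIssuer {
		return nil, ErrUnknownIssuer
	}
	if r.Signature == nil {
		if s.RequireSignature {
			return nil, ErrUnsigned
		}
		return r.Assertion, nil // lax: nothing binds this to the real IDP
	}
	digest := sha256.Sum256(r.Assertion)
	if err := rsa.VerifyPKCS1v15(s.TrustedIDPKey, crypto.SHA256, digest[:], r.Signature); err != nil {
		return nil, ErrBadSignature
	}
	return r.Assertion, nil
}

// Demo runs four cases and returns each SP verdict (nil = accepted) by name.
func Demo() (map[string]error, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	idp := &IDP{Issuer: "https://idp.example.test", Key: key} // assumed issuer
	lax := &SP{TrustedIssuer: idp.Issuer, TrustedIDPKey: &key.PublicKey, RequireSignature: false}
	strict := &SP{TrustedIssuer: idp.Issuer, TrustedIDPKey: &key.PublicKey, RequireSignature: true}

	admin := []byte("<Assertion><Subject>admin</Subject></Assertion>")
	// Attacker never had the IDP key; it just claims to be the IDP.
	forged := &Response{Issuer: idp.Issuer, Assertion: admin}
	genuine, err := idp.Issue([]byte("<Assertion><Subject>alice</Subject></Assertion>"), true)
	if err != nil {
		return nil, err
	}
	// Real signature, but the assertion was swapped in transit.
	tampered := &Response{Issuer: genuine.Issuer, Assertion: admin, Signature: genuine.Signature}

	res := map[string]error{}
	_, res["lax-forged"] = lax.Accept(forged)
	_, res["strict-forged"] = strict.Accept(forged)
	_, res["strict-genuine"] = strict.Accept(genuine)
	_, res["strict-tampered"] = strict.Accept(tampered)
	return res, nil
}

func main() {
	res, err := Demo()
	if err != nil {
		panic(err)
	}
	for _, k := range []string{"lax-forged", "strict-forged", "strict-genuine", "strict-tampered"} {
		fmt.Printf("%-16s -> %v\n", k, res[k])
	}
}
```

The lax SP accepts the forged "admin" assertion outright, which is the spoofing the reply describes; the strict SP rejects both the unsigned forgery and the re-used signature over a modified assertion while still accepting the genuine one. Whether the IDP signs is irrelevant to the lax SP, which is the sense in which an SP can "just ignore" an IDP signature.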
