Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-5197

[GSS](7.1.0) SAML 2.0 Unsolicited Response MUST NOT contain an InResponseTo attribute

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 7.1.0.DR12
    • 7.0.1.CR2, 7.1.0.DR9
    • Security
    • None

      When Using a SAML V2 Idp Initiated Single Sign On Scenario, the SAML Reponse that gets generated by PicketLink contains an InResponseTo attribute.

      SAML Spec says "An unsolicited <Response> MUST NOT contain an InResponseTo attribute, "

            istudens@redhat.com Ivo Studensky
            vpakan Vlado Pakan (Inactive)
            Ondrej Kotek Ondrej Kotek
            Ondrej Kotek Ondrej Kotek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: