Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-16425

AM does not handle malformed/incorrect signature correctly

    XMLWordPrintable

    Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 5.5.3, 7.0.0, 6.5.3
    • 5.5.3, 7.0.0, 6.5.3
    • SAML
    • AM Sustaining Sprint 76
    • 3

      Description

      Bug description

      During integrated SAML flow if a Signature comes in malformed or incorrect, there is a possibility AM can get stuck in a loop instead of failing gracefully providing an error the the end user that that a signature issue has occurred.

      How to reproduce the issue

       

      1. Create a Federation setup to include using the SAML module for an integrated environment.
      2. Manipulate the IdP signature so it does not match what is stored in the metadata for AM and have assertion signed
      3. Try to establish FederationEstablish Federation to see looping behavior. 
      Expected behaviour
      If an error is seen in the signature during Federation, AM should gracefully fail and provide information to the end user allow them to know the signature is not matching what is defined in the entity
      Current behaviour
      Looping behavior occurs and Am is not failing gracefully
      

        Attachments

          Issue Links

            Activity

              People

              jonthomas Jonathan Thomas
              abel.hoxeng Abel Hoxeng
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: