Menu
Reading from http://en.wikipedia.org/wiki/SAML_2.0 , I'm trying to understand the mechanism that guarantees the authenticity of the SAMLResponse sent in step 5 of the process.
The way I understand it, SAML is designed so that the service provider can trust an identity provider for authentication without directly contacting it. However this relies on the user agent re-transmitting a response from the identity provider back to the service provider. It seems to me like a compromised agent could return a fake validated response. How would the service provider validate this without trying to contact the identity provider?
Thanks for your time.
719
Good question!
It's similar to the way a bank will verify the signature on a check; they'll compare a few iterations of the individuals on-file signature, to that of the check being cashed - as long as those match, they can trust that the check was signed by the intended individual.
It works the same way with SAML, except the accuracy has to be 100% - the SAML payload is signed with a certificate that is shared and trusted by both the identity provider and service provider.
In order to ensure the authenticity of the response, you need to ensure that the key in which it was signed with matches the key you have stored for that particular trust, and if not, the response shouldn't be accepted as valid.
That's the basic summary, however, if you want more detail, I had this question bookmarked from when I was doing SSO\SAML, and I found it useful in explaining the way this works.
142
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
