Issue 147: RP to sign IAuthenticationRequest.AddCallbackArguments to prevent tampering
Some RPs use callback arguments to avoid using sessions to store information that they want to have when the authentication assertion comes back. To prevent in-transit or OP tampering with these callback values, we should include them in the signed token the RP already creates. As part of this, callback arguments would be moved from the plain-text return_to argument to the token argument, not only so they can be signed but so the values can only be fetched using the new IAuthenticationResponse.GetCallbackArgument methods, which will refuse to return callback arguments that do not have a valid signature.
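The design sketched in the issue, as an added, language-independent illustration rather than DotNetOpenId's own code: the RP packs its callback arguments into a single `token` query parameter on return_to, MACs the payload together with the URL it rides on using an RP-held secret, and exposes the values only through a getter that refuses anything without a valid MAC. The names `build_return_to`, `get_callback_argument`, `verify_callback_args`, `tamper_payload`, the `token` parameter name, the JSON-plus-HMAC-SHA256 token layout and the `RP_SECRET` key are all assumptions of this example; the library's actual token format is not shown on this page.

```python
import base64
import hashlib
import hmac
import json
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Hypothetical RP-side signing key, constructed for this example. A real RP would
# load it from protected configuration rather than a source literal.
RP_SECRET = b"constructed-rp-callback-signing-key"
TOKEN_PARAM = "token"  # assumed parameter name; the issue only calls it "the token argument"


class CallbackArgumentError(ValueError):
    """Raised when a callback token is absent, malformed, or fails verification."""


def _b64u(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _split(return_to: str):
    """Split a return_to URL into (canonical URL without the token, list of token values)."""
    parts = urlsplit(return_to)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    tokens = [v for k, v in pairs if k == TOKEN_PARAM]
    rest = [(k, v) for k, v in pairs if k != TOKEN_PARAM]
    return urlunsplit(parts._replace(query=urlencode(rest))), tokens


def _mac(base_return_to: str, payload: bytes, key: bytes) -> bytes:
    # The MAC binds the payload to the URL it rides on, so a valid token cannot be
    # lifted off one return_to and spliced onto another RP endpoint.
    return hmac.new(key, base_return_to.encode() + b"\n" + payload, hashlib.sha256).digest()


def build_return_to(base_return_to: str, callback_args: dict, key: bytes = RP_SECRET) -> str:
    """Attach callback_args to base_return_to as one signed token parameter.

    Nothing goes into plain-text query parameters; the OP only sees an opaque token.
    """
    base, existing = _split(base_return_to)
    if existing:
        raise ValueError("base return_to must not already carry a token")
    payload = json.dumps(callback_args, sort_keys=True, separators=(",", ":")).encode()
    token = _b64u(payload) + "." + _b64u(_mac(base, payload, key))
    parts = urlsplit(base)
    query = parse_qsl(parts.query, keep_blank_values=True) + [(TOKEN_PARAM, token)]
    return urlunsplit(parts._replace(query=urlencode(query)))


def verify_callback_args(return_to: str, key: bytes = RP_SECRET) -> dict:
    """Return the callback arguments only if exactly one token is present and its MAC verifies."""
    base, tokens = _split(return_to)
    if len(tokens) != 1 or "." not in tokens[0]:
        raise CallbackArgumentError("missing or malformed callback token")
    payload_b64, mac_b64 = tokens[0].rsplit(".", 1)
    try:
        payload, mac = _b64u_decode(payload_b64), _b64u_decode(mac_b64)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise CallbackArgumentError("malformed callback token") from exc
    if not hmac.compare_digest(mac, _mac(base, payload, key)):
        raise CallbackArgumentError("callback token signature invalid")
    return json.loads(payload)


def get_callback_argument(return_to: str, name: str, key: bytes = RP_SECRET):
    """Counterpart of the issue's GetCallbackArgument: values come only from a verified token."""
    return verify_callback_args(return_to, key).get(name)


def token_verifies(return_to: str, key: bytes = RP_SECRET) -> bool:
    try:
        verify_callback_args(return_to, key)
        return True
    except CallbackArgumentError:
        return False


def tamper_payload(return_to: str, new_args: dict) -> str:
    """Simulate an OP or on-path attacker rewriting the arguments while keeping the original MAC."""
    base, (token,) = _split(return_to)
    _, mac_b64 = token.rsplit(".", 1)
    forged_payload = json.dumps(new_args, sort_keys=True, separators=(",", ":")).encode()
    forged = _b64u(forged_payload) + "." + mac_b64
    parts = urlsplit(base)
    query = parse_qsl(parts.query, keep_blank_values=True) + [(TOKEN_PARAM, forged)]
    return urlunsplit(parts._replace(query=urlencode(query)))


if __name__ == "__main__":
    url = build_return_to("https://rp.example/openid/return", {"next": "/account"})
    print(get_callback_argument(url, "next"))                       # /account
    print(token_verifies(tamper_payload(url, {"next": "/admin"})))  # False
    print(token_verifies("https://rp.example/openid/return?next=/admin"))  # False: no token
```

Two caveats the issue text implies but does not spell out. First, the getter must not fall back to plain-text query parameters when the token is missing or bad, otherwise the protection is only as strong as the fallback; here that case raises rather than returning a default. Second, signing the callback arguments does not replace the RP's existing check that the `openid.return_to` value in the positive assertion matches the URL the assertion actually arrived at; the MAC above binds the token to that URL, but the RP still has to perform the comparison.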
Sep 07, 2008
(No comment was entered for this change.)
Labels: -Release-2.5 Release-2.6
Oct 16, 2008
(No comment was entered for this change.)
Labels: -Release-2.6 Release-3.0
Feb 15, 2009
We've got this in 3.0!
Status: Fixed