Skip to content

Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent #16000

New issue
New issue
Closed
Closed
Saml2WebSsoAuthenticationFilter should allow requests through when SAMLResponse is absent#16000
Assignees
jzheaux
Labels
in: saml2An issue in SAML2 modulestype: enhancementA general enhancement
Milestone
 
6.5.0-RC1
@jzheaux

Description

@jzheaux
jzheaux
opened on Oct 25, 2024

When an application requests /login/saml2/sso/okta, the default entry point for IdPs to POST a SAMLResponse, the endpoint will throw an exception if the SAMLResponse is missing.

It would be more flexible to instead allow these requests to pass through the filter chain in case another filter or MVC mapping would like to process the endpoint. One reason for this would be if the payload deviates from the SAML 2.0 standard.

Metadata

Metadata

Assignees

Labels

in: saml2An issue in SAML2 modulestype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions