You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Why should SAML-metadata be available without Typo3-BE-login?
To allow an IDP to automatically read up-2-date Typo3-SAML-metadata in intervalls.
md_saml generates attributes like validUntil into the SAML-metadata. This is a good thing. But it requires manual work when manually materializing SAML-metadata. We would avoid this by allowing the IDP to automatically read up-2-date Typo3-SAML-metadata.
The text was updated successfully, but these errors were encountered:
Since 6c03542 SAML-Metadata is only delivered to the client with Typo3-BE-login.
https://stackoverflow.com/questions/38962290/security-concerns-with-providing-saml-metadata-on-public-url say´s there is not reason to hide SAML-metadata. But i expect someone thought it was a good idea to hide SAML-metadata without Typo3-BE-login.
Why should SAML-metadata be available without Typo3-BE-login?
To allow an IDP to automatically read up-2-date Typo3-SAML-metadata in intervalls.
md_saml generates attributes like validUntil into the SAML-metadata. This is a good thing. But it requires manual work when manually materializing SAML-metadata. We would avoid this by allowing the IDP to automatically read up-2-date Typo3-SAML-metadata.
The text was updated successfully, but these errors were encountered: