Differences

This shows you the differences between two versions of the page.

en:production [2022/05/24 13:13] – [1. Metadata Administration Tool] Added screenshots Silke Meyer
en:production [2022/12/16 14:10] Wolfgang Pempe
Line 78: Line 78:
  
 ==== SP Example ==== ==== SP Example ====
 +
 +<callout type="danger" title="Important note: Make sure that redirectLimit is set to the value 'host' or 'exact'!">
 +Please make sure that in **''shibboleth2.xml''** in all **''<Sessions>''** elements the XML attribute **''redirectLimit''** 
 +  - is set and
 +  - has the value **''host''** or **''exact''**! (if necessary in combination with ''allow'')
 +This measure prevents the possible open redirect misuse of the SP e.g. in the context of a phishing attack, cf. https://shibboleth.atlassian.net/browse/SSPCPP-714. 
 +For more information on the configuration parameters of the ''<Sessions>'' element see the [[https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065334342/Sessions|Shibboleth Wiki]].
 +</callout>
 +
 **For metadata URLs and the certificate for signature validation please refer to [[en:metadata|the Metadata documentation]].** **For metadata URLs and the certificate for signature validation please refer to [[en:metadata|the Metadata documentation]].**
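Review bot: The parenthetical "(if necessary in combination with ''allow'')" on the second list item leaves the reader guessing how the combination is written in the attribute and what ''allow'' then permits, while the callout title names only 'host' or 'exact'. Spell out the literal attribute values an operator may use for the combined case, as documented on the linked Sessions wiki page, and say in one clause what the SP does when ''redirectLimit'' is absent, so that both list items can be checked against a ''shibboleth2.xml'' without following the links.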
  
  • Last modified: 18 months ago