What's new?
Server
- Updated: The directory API to support Require Signed Assertion Response.
UI:
- Added: Introduced UI options for Require Signed Assertion Response for enhanced security in SAML authentication.
Requirements
- TEF: 1.51.0
- TED: 1.9.1
Base images
- Alpine: 3.17.5
- Ubuntu: 22.04.3
Enhanced Security and Compatibility Guide for SAML Authentication
Description:
The recent update to @node-saml/passport-saml mandates the signing of the assertion response. To ensure backward compatibility, we have introduced a new configuration option in the UI:
- Require Signed Assertion Response
By default, this option is set to Disabled to maintain compatibility with existing setups.
Recommendations: We recommend enabling this option as it adds an additional layer of security. However, please be aware that enabling this setting might impact the SAML login functionality.