English

Secure SAML validation to prevent XML signature wrapping attacks

Cryptography and Security 2014-01-30 v1

Abstract

SAML assertions are becoming popular method for passing authentication and authorisation information between identity providers and consumers using various single sign-on protocols. However their practical security strongly depends on correct implementation, especially on the consumer side. Somorovsky and others have demonstrated a number of XML signature related vulnerabilities in SAML assertion validation frameworks. This article demonstrates how bad library documentation and examples can lead to vulnerable consumer code and how this can be avoided.

Keywords

Cite

@article{arxiv.1401.7483,
  title  = {Secure SAML validation to prevent XML signature wrapping attacks},
  author = {Pawel Krawczyk},
  journal= {arXiv preprint arXiv:1401.7483},
  year   = {2014}
}
R2 v1 2026-06-22T02:56:59.776Z