*: validate InResponseTo SAML response field and make issuer optional

2017-03-21 13:16:42 -07:00
parent 95d237003a
commit 50b223a9db
7 changed files with 114 additions and 31 deletions
--- a/Documentation/saml-connector.md
+++ b/Documentation/saml-connector.md
@@ -24,8 +24,6 @@ connectors:
  # Required field for connector name.
  name: SAML
  config:
-    # Issuer used for validating the SAML response.
-    issuer: https://saml.example.com
    # SSO URL used for POST value.
    ssoURL: https://saml.example.com/sso

@@ -72,4 +70,8 @@ connectors:
    #     urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
    #
    nameIDPolicyFormat: persistent
+
+    # Optional issuer used for validating the SAML response. If provided the
+    # connector will validate the Issuer in the response.
+    # issuer: https://saml.example.com
 ```