The problem with IDP initiated SSO

Tom Scavo trscavo at gmail.com
Tue Dec 23 08:25:10 EST 2014


On Mon, Dec 22, 2014 at 9:47 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 12/22/14, 11:28 PM, "Stefan Rasmusson" <rasmusson.stefan at gmail.com>
> wrote:
>
>>I am trying to understand the problem with using IDP initiated SSO or
>>Unsolicited Responses. I have read the wiki page and I understand that
>>this is a problem for interoperability.
>
> It's also a XSRF attack by definition.

Wouldn't user consent effectively thwart that issue?

Tom


More information about the users mailing list