./security/pam-saml, Crude SAML assertion validator for bridging WebSSO and PAM

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2019Q3, Version: 1.9, Package name: pam-saml-1.9, Maintainer: manu

PAM provides a way to develop programs that are independent of
authentication scheme. These programs need "authentication modules" to be
attached to them at run-time in order to work. Which authentication module
is to be attached is dependent upon the local system setup and is at the
discretion of the local system administrator.

This package contains a PAM module that perform a crude
check on a SAML authentication assertion. The assertion signature and date
are verified, and access is granted on behalf ot the user taked for a
onfigurable attribute.

The only protection against replay attacks is the assertion validity dates
checks, this authentication is therefore secure only if the SAML
authentication assertion remains secret. The assertion has the same role
as a web cookie used for authentication.


Master sites:

SHA1: bd62e4081e676a0a5a8bce77bb3e1428d964ca44
RMD160: 1dd827eda9a35f37850b4e6990a86d6ddec5a2ff
Filesize: 304.606 KB

Version history: (Expand)