File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 461461 * In example when you are setting up a federation bridge.
462462 */
463463 'enable.saml20-idp ' => false ,
464- 'enable.saml20-unsolicited ' => false ,
464+ 'enable.saml20-unsolicited ' => true ,
465465 'enable.adfs-idp ' => false ,
466466
467467
Original file line number Diff line number Diff line change @@ -30,8 +30,7 @@ Functional changes
3030 It is possible to switch back via the ` sharedkey_algorithm ` .
3131 Note however that CBC is vulnerable to the Padding oracle attack.
3232- All support for the Shibboleth 1.3 / SAML 1.1 protocol has been removed.
33- - Unsolicited responses are denied by default. If you need this functionality,
34- it can be enabled by setting ` enable.saml20-unsolicited ` to ` true ` .
33+ - Unsolicited responses can denied by disabling it by setting ` enable.saml20-unsolicited ` to ` false ` .
3534
3635Configuration changes
3736---------------------
Original file line number Diff line number Diff line change @@ -1139,7 +1139,7 @@ public static function onProcessingCompleted(array $authProcState): void
11391139 $ state'Attributes ' ] = $ authProcState'Attributes ' ];
11401140
11411141 $ configgetInstance ();
1142- $ allowUnsolicited$ configgetBoolean ('enable.saml20-unsolicited ' , false );
1142+ $ allowUnsolicited$ configgetBoolean ('enable.saml20-unsolicited ' , true );
11431143
11441144 Assert::true (
11451145 $ allowUnsolicited
Original file line number Diff line number Diff line change 105105}
106106
107107$ configgetInstance ();
108- $ allowUnsolicited$ configgetBoolean ('enable.saml20-unsolicited ' , false );
108+ $ allowUnsolicited$ configgetBoolean ('enable.saml20-unsolicited ' , true );
109109
110110Assert::true (
111111 $ allowUnsolicited
You can’t perform that action at this time.
0 commit comments