mace-opensaml-users - Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url
Subject: OpenSAML user discussion
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url
- Date: Wed, 02 Feb 2011 06:27:13 -0500
- Organization: Itumi, LLC
If you're starting a new topic please compose a new email instead of
hijacking an existing thread.
As to your question, this actually has nothing to do with SAML. It's
browser behavior, yes it's common, and yes there is a common solution.
It results from various endpoints not being encrypted. You can go out
to Google and find a lot of articles and write ups about this.
On 2/2/11 6:05 AM, Chris Card wrote:
>
> Hi,
>
> we are using an IDP which has a SingleSignOnService defined in its metadata
> with Binding HTTP-Redirect and Location url using https.
> When a browser gets redirected to this url in order to send an
> AuthnRequest, we get warnings from the browser e.g. from Firefox:
>
> "Although this page is encrypted, the information you have entered is to be
> sent over an unencrypted connection and could easily be read by a third
> party.
>
> Are you sure you want to continue sending this information?"
>
> and
>
> "You are about to leave an encrypted page. Information you send or receive
> from now on could easily be read by a third party."
>
> when the SAMLResponse is posted back.
>
> Is this a well-known issue that has a well-known solution? (apart from just
> disabling the warnings!)
>
> Chris
>
>
--
Chad La Joie
http://itumi.biz
trusted identities, delivered
- [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chris Card, 02/02/2011
- Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chad La Joie, 02/02/2011
- RE: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chris Card, 02/02/2011
- Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chad La Joie, 02/02/2011
- Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Eshan Haider, 02/02/2011
- Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chad La Joie, 02/02/2011
- RE: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chris Card, 02/02/2011
- RE: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Cantor, Scott E., 02/02/2011
- Re: [OpenSAML] Browser warnings when redirecting to SingleSignOnService url, Chad La Joie, 02/02/2011
Archive powered by MHonArc 2.6.16.