Symptom:
Calls to the SAML 2.0 Single Sign-on service that contain incorrect parameters for the Service Provider ID and/or the protocol binding display too much detail in the error message.
STAR Issue: 17444140-01
Solution:
A more generic error message is now displayed in the browser to eliminate any possibility of an attacker gaining information on the correct values of the Service Provider IDs and protocol bindings. The more detailed error message is still logged.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |