The WS-Fed module is currently functional, but no tests exist to ensure that the code is secure. The Section 16 of the Ws-Fed protocol describes the security considerations for the protocol.
The keycloak-wsfed code must be reviewed to ensure that those security concerns are met. In addition, other security concerns are raised throughout the document. These must also be considered and verified against the existing code.
All security considerations should also, if applicable, be formulated in forms of tests that can be unit or functionally tested.
The WS-Fed module is currently functional, but no tests exist to ensure that the code is secure. The Section 16 of the Ws-Fed protocol describes the security considerations for the protocol.
The keycloak-wsfed code must be reviewed to ensure that those security concerns are met. In addition, other security concerns are raised throughout the document. These must also be considered and verified against the existing code.
All security considerations should also, if applicable, be formulated in forms of tests that can be unit or functionally tested.