spring-attic / spring-security-saml

SAML extension for the Spring Security project

EmptyStorageFactory Questions for Replay Prevention #524

Closed jwangmitra closed 2 years ago

jwangmitra commented 2 years ago

My team is looking to implement the property below as a solution for InResponseTo validation for HTTP session. If we were to use the EmptyStorageFactory setting in securityContext.xml, are there other checks that we would be losing on the SP side, or would we also be losing some validation checks on the unsolicited response from the IDP?

<bean id="contextProvider" class="org.springframework.security.saml.context.SAMLContextProviderImpl">

Sorry if this is not the right place, was unable to find information on this topic elsewhere.

jzheaux commented 2 years ago

Hi, @jwangmitra, thanks for reaching out. Since this project is now EOL, I'd recommend you try and use Spring Security's built-in SAML support instead of this extension.

As to your question about where is the right place to ask these questions, I'd recommend StackOverflow. Please feel free to post a link to your posted question here so that I and others can find it and respond.