Hi, I have a question regarding the replay check. I've noticed that there is a configuration option for replay check, but also noticed that the SAML Response can indicate OneTimeUse. Did some tests and it seems that you ignore the SAML Response saml:OneTimeUse indication.
Meaning:
1. When ComponentSpace:DisableAssertionReplayCheck=false, and no saml:OneTimeUse - Not able to replay
2. When ComponentSpace:DisableAssertionReplayCheck=true, and saml:OneTimeUse - Replay allowed
Am I missing something? Can you please elaborate on the relation between the two?
Thanks, Rami