Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-71288

SAML authentication assertions and responses should be signed

    XMLWordPrintable

Details

    • 2
    • 4
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Some Identity providers like one login expect authentication requests/responses to be signed by Jira citing security vulnerability. This results in SAML response to throw errors

      <samlp:StatusMessage>Signature required</samlp:StatusMessage>

      https://getsupport.atlassian.com/browse/PS-19785

      Attachments

        Issue Links

          is related to

          Suggestion - JRASERVER-67292 SAML Authentication Add-on to accept either Assertions or Response to be signed by IDP

          • Gathering Interest
          relates to

          Suggestion - CONFSERVER-59097 SAML AuthnRequest should be signed

          • Gathering Interest
          links to

          Web Link Related request from a Premier Support Customer

          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              svenkatachari shrivatsaa
              Votes:
              26 Vote for this issue
              Watchers:
              21 Start watching this issue

              Dates

                Created:
                Updated: