Commit 7147feda authored by haemmer's avatar haemmer
Browse files

Added note regarding Embedded Discovery Service and phising attacks

Added requirement mentioned in #432
parent 465b3747
......@@ -56,7 +56,7 @@ Requirements:
- If the configuration and the backup configuration differ, you have to make
sure the user that runs the php script has write access for the configuration
- PHP XML Parser extension for parsing SAML2 metadata
......@@ -269,6 +269,10 @@ users to malicous pages, steal their sessions etc). You also have to make sure
that your central WAYF has a very high availability because a lot of third-party
services will depend on it.
Also, please be aware that using the Embedded WAYF allows anybody to guess a
user's Home Organisation without much effort. This information then could be
used for phising attacks for example!
Kerberos support:
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment