In order to mitigate against the brute force attacks against Gitlab accounts, we are moving to all edu-ID Logins. We would like to remind you to link your account with your edu-id. Login will be possible only by edu-ID after November 30, 2021. Here you can find the instructions for linking your account.

If you don't have a SWITCH edu-ID, you can create one with this guide here

kind regards

Commit 7147feda authored by haemmer's avatar haemmer
Browse files

Added note regarding Embedded Discovery Service and phising attacks

Added requirement mentioned in #432
parent 465b3747
......@@ -56,7 +56,7 @@ Requirements:
- If the configuration and the backup configuration differ, you have to make
sure the user that runs the php script has write access for the configuration
- PHP XML Parser extension for parsing SAML2 metadata
......@@ -269,6 +269,10 @@ users to malicous pages, steal their sessions etc). You also have to make sure
that your central WAYF has a very high availability because a lot of third-party
services will depend on it.
Also, please be aware that using the Embedded WAYF allows anybody to guess a
user's Home Organisation without much effort. This information then could be
used for phising attacks for example!
Kerberos support:
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment