Commit 7147feda authored by haemmer's avatar haemmer
Browse files

Added note regarding Embedded Discovery Service and phising attacks

Added requirement mentioned in #432
parent 465b3747
...@@ -56,7 +56,7 @@ Requirements: ...@@ -56,7 +56,7 @@ Requirements:
- If the configuration and the backup configuration differ, you have to make - If the configuration and the backup configuration differ, you have to make
sure the user that runs the php script has write access for the configuration sure the user that runs the php script has write access for the configuration
files. files.
- PHP XML Parser extension for parsing SAML2 metadata
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
Installation: Installation:
...@@ -269,6 +269,10 @@ users to malicous pages, steal their sessions etc). You also have to make sure ...@@ -269,6 +269,10 @@ users to malicous pages, steal their sessions etc). You also have to make sure
that your central WAYF has a very high availability because a lot of third-party that your central WAYF has a very high availability because a lot of third-party
services will depend on it. services will depend on it.
Also, please be aware that using the Embedded WAYF allows anybody to guess a
user's Home Organisation without much effort. This information then could be
used for phising attacks for example!
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
Kerberos support: Kerberos support:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment