Bypassing SAML 2.0 SSO with XML Signature Attacks30 November 2016Tim GoddardUnfortunately, many SAML consumers don’t validate responses properly, allowing attacks up to and including full authentication bypass.
