[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (CMIS-777) Authentication in a Single Sign On (SSO) environment
[ https://issues.oasis-open.org/browse/CMIS-777?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=59518#comment-59518 ]
Gregory Melahn commented on CMIS-777:
-------------------------------------
Perhaps we could also include the Soap Version (e.g. Soap 1.1) even though the CMIS choices there are limited at the moment.
Is it prudent to respond with an Array as a top level object given http://haacked.com/archive/2009/06/25/json-hijacking.aspx/ ? Though that is an ancient vulnerability it is still considered potentially hazardous e.g. https://github.com/tornadoweb/tornado/issues/1009
> Authentication in a Single Sign On (SSO) environment
> ----------------------------------------------------
>
> Key: CMIS-777
> URL: https://issues.oasis-open.org/browse/CMIS-777
> Project: OASIS Content Management Interoperability Services (CMIS) TC
> Issue Type: New Feature
> Components: Domain Model
> Affects Versions: Proposals for 2.0
> Reporter: David Choy
> Fix For: Proposals for 2.0
>
>
> Triggered by a 24 July 2014 public comment, this is created as a discussion forum on the subject of authentication in an SSO environment. Please feel free to inject your thoughts, experience, questions, suggestions, or any other comments that you may have. We want to collect all the inputs we can get and then assess if there is anything we can do.
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]