Single Sign-On authentication – the bug that lets you logon as someone else

Posted on Mar 1, 2018


Duo found that buggy SAML libraries read a NameID whose text is interrupted by an XML comment in different ways. With a comment sitting between user@example.com and .test, some libraries returned user@example.com (treating the comment as a terminator for the text node), while others returned user@example.com.test (ignoring the comment as if it were not there at all). Because the XML signature over the assertion is computed on a canonicalised form that drops comments, it verifies either way, so a service provider using a library of the first kind can end up authenticating the holder of user@example.com.test as user@example.com.
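The two readings described above, side by side, as an added example (not code from Duo, Sophos or any SAML library). It parses a constructed Subject fragment with Python's standard library: one reader takes only the first text node of NameID, the other concatenates all text nodes, a third shows that exclusive canonicalisation without comments makes the signed form identical with or without the comment, and a strict reader rejects any NameID that is not a single text node. The element and namespace names follow SAML 2.0; the attacker's identifier and the comment placement are assumptions for illustration.

```python
"""Added example: how an XML comment inside a SAML NameID changes the
identifier a relying party extracts, and why the signature does not help.
Constructed input; not code from any real SAML implementation."""
from xml.dom import minidom
from xml.etree import ElementTree as ET

# Constructed fragment standing in for the <Subject> of a signed SAML
# Response (assumption: the IdP emitted the comment verbatim inside NameID).
ASSERTION_FRAGMENT = (
    '<Subject xmlns="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<NameID>user@example.com<!---->.test</NameID>'
    '</Subject>'
)


def _name_id_node(xml: str):
    """Return the NameID DOM element of the fragment (comments are kept by minidom)."""
    doc = minidom.parseString(xml)
    return doc.getElementsByTagName("NameID")[0]


def name_id_first_text_node(xml: str) -> str:
    """Mimic a library that reads only the first child text node: the comment
    acts as a terminator, so the result is 'user@example.com'."""
    return _name_id_node(xml).firstChild.data


def name_id_all_text(xml: str) -> str:
    """Mimic a library that joins every text node and skips the comment as if
    it were not there, so the result is 'user@example.com.test'."""
    node = _name_id_node(xml)
    return "".join(c.data for c in node.childNodes if c.nodeType == c.TEXT_NODE)


def canonical_form(xml: str) -> str:
    """Canonicalise without comments (the usual form XML-DSig is computed over).
    The comment does not survive, so the signature cannot distinguish the two."""
    return ET.canonicalize(xml, with_comments=False)


def comment_is_invisible_to_signature() -> bool:
    """True when the canonical form is identical with and without the comment."""
    with_comment = canonical_form(ASSERTION_FRAGMENT)
    without_comment = canonical_form(ASSERTION_FRAGMENT.replace("<!---->", ""))
    return with_comment == without_comment


def name_id_strict(xml: str) -> str:
    """Hardened reader: accept a NameID only if it is exactly one text node.
    Any comment, CDATA section or child element is refused."""
    kids = _name_id_node(xml).childNodes
    if len(kids) != 1 or kids[0].nodeType != kids[0].TEXT_NODE:
        raise ValueError("NameID must be a single text node")
    return kids[0].data


def strict_rejects(xml: str) -> bool:
    """Convenience wrapper: does the strict reader refuse this fragment?"""
    try:
        name_id_strict(xml)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("first text node :", name_id_first_text_node(ASSERTION_FRAGMENT))
    print("all text nodes  :", name_id_all_text(ASSERTION_FRAGMENT))
    print("signature blind :", comment_is_invisible_to_signature())
    print("strict rejects  :", strict_rejects(ASSERTION_FRAGMENT))
```

The strict reader is the check to carry into production code: whatever the rest of the library does with comments, a NameID (and any other identity-bearing element) that contains more than one DOM child should be rejected rather than flattened.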

Source: sophos.com