Skip to content

Add xmldsig signature verification

peter requested to merge peter-/kc-metadata-import:xmldsig-verification into master

Also check for expired Metadata (validUntil).
Both checks can be skipped by setting SAML2_METADATA_INSECURE (not recommended).
Disable replacing of entity references in XMLParser.

Edited by peter

Merge request reports

Loading