From implementing IdP-side flow (in nuclei?)
- !!
From implementing a misbehaving SP
- !!
From eduGAIN Community
- !!
From elsewhere (to compile, prune and turn into testable SP behaviours)
- To dig and select: https://www.google.com/search?client=firefox-b-d&q=turn+off+saml+signature+validation#ip=1
- “A Signature element in AuthnRequest elements is optional. If Require Verification certificates are not checked, Microsoft Entra ID does not validate signed authentication requests if a signature is present”, https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/howto-enforce-signed-saml-authentication
...