Completed
Examples of affected frameworks
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
SSO Wars - The Token Menace
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Agenda
- 3 Delegated Authentication
- 4 JWT token
- 5 Similar code for SAML
- 6 Potential Attack Vectors (2/2)
- 7 Simplified SAML Token
- 8 SAML Signature Verification in .NET
- 9 A tale of two resolvers
- 10 Possible scenarios for different key resolution
- 11 Examples of affected frameworks
- 12 Windows Communication Foundation (WCF)
- 13 Key & Token Resolution
- 14 Token resolution - Breadth First
- 15 Dupe Key Confusion
- 16 Key and Token resolutions
- 17 Attack limitations
- 18 SharePoint Authentication Flow
- 19 SharePoint Attack Flow
- 20 Conclusions