http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/03/BreakingSAML.pdf is an attack report on several SAML-based SSO systems, to be presented at USENIX today.
Most of the 14 systems are vulnerable to XML Signature Wrapping Attacks (OpenSAML through a flaw in Xerces). CAS was not one of the attacked systems, but it might be a good idea to security review the SAML parts.

Robert
