In association with heise online

10 September 2008, 11:08

Google closes hole in Single Sign-On for Google Apps

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Google has changed the way its SAML Single Sign-On (SSO) Service for Google Apps works after receiving reports about a security problem Administrators and developers from other providers who use Google's SSO may be forced to revise their Identity Provider for authentication.

According to a report published by a group of security specialists, a flaw in the protocol used allowed a specially prepared server to register with another service when posing as a user.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit