2 matches found
PicketLink: PicketLink IDP ignores role based authorization
A flaw was found in the PicketLink Identity Provider Configuration IDP where, under specific conditions, the IDP ignores role-based authorization. This could lead to an authenticated user being able to access application resources that are not permitted for a given role...
PicketLink: PicketLink IDP ignores role based authorization
A flaw was found in the PicketLink Identity Provider Configuration IDP where, under specific conditions, the IDP ignores role-based authorization. This could lead to an authenticated user being able to access application resources that are not permitted for a given role...