Purdue University

Authentication Options

Our authentication and authorization services are designed to meet different goals. How do you know which one it right for your project? The information below is intended to help you determine which ...
Bleeping Computer

Critical Samlify SSO flaw lets attackers log in as admin

A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML ...
Michigan Chronicle

J. Pharoah Doss: A disturbing Black shibboleth

Black law professor Stephen L. Carter released the controversial book Reflections of an Affirmative Action Baby in 1991. In the chapter “Silencing Dissent,” Carter asserted that race-conscious ...
GitHub

Support single-sign on mechanisms (e.g. OpenID connect, SAML/Shibboleth)

Especially in universities self-hosted hotcrp instances are commonly set up. As universities generally already have single-sign on solutions it would be great to add support for those. This would not ...
GitHub

SSO (SAML2) support #14

Is there a way for hrm to act as a Service Provider for a SAM2 based login flow (for a shibboleth IDP) ? This is a crucial feature for a federated educational ...