SAML (Security Assertion Markup Language) remains the dominant protocol for enterprise single sign-on. It connects identity providers to hundreds of service providers, creating a trust fabric that underpins access control across the organization. When SAML works correctly, it provides centralized, auditable authentication. When it fails, the blast radius encompasses every application in your SSO ecosystem.
From a supply chain perspective, SAML is both a critical dependency and an attack vector. Your SAML infrastructure depends on XML parsing libraries, cryptographic libraries, and identity provider software. Each of these is a supply chain component that can be compromised.
The SAML Attack Surface
XML Signature Wrapping
SAML assertions are XML documents with XML Digital Signatures. The signature validates the integrity of the assertion. XML Signature Wrapping (XSW) attacks exploit ambiguity in how the signature references the signed content.
An attacker takes a legitimate, signed SAML assertion and restructures the XML document so the signature still validates but the service provider processes attacker-controlled content. The signed content is moved to a location the signature verification code checks, while unsigned, malicious content is placed where the application logic reads.
This attack has affected major SAML implementations, including libraries used by cloud providers and enterprise software. It is a supply chain risk because the vulnerability exists in the SAML libraries your applications depend on, not in your application code.
XML External Entity (XXE)
SAML processing involves XML parsing. If the XML parser is configured to resolve external entities, an attacker can craft a SAML response that reads files from the server, performs SSRF attacks, or causes denial of service.
XXE in SAML is a supply chain vulnerability: it depends on how your XML parsing library handles entity resolution. Default configurations in many XML parsers are vulnerable.
Certificate and Key Management
SAML relies on X.509 certificates for signing and encryption. The security of your SAML infrastructure depends on the security of these certificates. A stolen IdP signing key allows an attacker to forge SAML assertions for any user at any service provider.
IdP Compromise
If your identity provider is compromised, the attacker can issue valid SAML assertions for any user. This is the Golden SAML attack, demonstrated notably in the SolarWinds breach where attackers compromised Active Directory Federation Services to forge SAML tokens.
Golden SAML is a supply chain attack against your authentication infrastructure. The attacker does not need to compromise individual service providers. They compromise the central trust anchor and gain access to everything.
Library Vulnerabilities
Vulnerable SAML Libraries
SAML processing libraries have had numerous critical vulnerabilities:
CVE-2017-11427 through CVE-2017-11430: Signature bypass vulnerabilities in Python, Ruby, and other SAML libraries allowed attackers to forge SAML assertions by exploiting XML comment handling.
CVE-2018-0489: Vulnerability in the Duo Network Gateway's SAML processing allowed authentication bypass.
CVE-2023-20593: SAML signature validation bypass in a major cloud provider's authentication library.
Each of these is a supply chain vulnerability. Your application's security depends on the correctness of the SAML library it uses. When a SAML library has a bug, every application using it is vulnerable.
Keeping Libraries Updated
Track the SAML libraries in your dependency tree. Many applications use SAML indirectly through authentication middleware or SSO integration packages. The SAML library might be a transitive dependency that you do not manage directly.
Ensure your dependency management process covers transitive dependencies and that vulnerability scanning identifies issues in nested SAML libraries.
Hardening SAML Deployments
Validate Assertions Completely
Do not rely on partial validation. Verify the signature, check that the assertion is not expired, validate the audience restriction matches your service, verify the issuer matches your expected IdP, and check that the InResponseTo field matches your authentication request.
Disable DTD Processing
Configure your XML parser to disable DTD processing and external entity resolution. This prevents XXE attacks regardless of the SAML library's handling:
In Java:
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
Enforce Signature Requirement
Reject unsigned assertions unconditionally. Some SAML implementations accept unsigned assertions when the overall SAML response is signed, but this creates opportunities for XSW attacks.
Implement Assertion Replay Prevention
Track assertion IDs and reject assertions that have been seen before. Without replay prevention, an intercepted valid assertion can be resubmitted to gain unauthorized access.
Short Assertion Lifetime
Configure your IdP to issue assertions with short validity periods, typically five minutes or less. This limits the window during which a stolen assertion can be used.
Monitor SAML Traffic
Log all SAML authentication events at both the IdP and SP. Alert on authentication for high-privilege accounts, failed authentication attempts, and assertions with unusual attributes or from unexpected sources.
Protecting Against Golden SAML
Secure the IdP Signing Key
The IdP signing key is the most critical secret in your SAML infrastructure. Store it in a hardware security module (HSM). Restrict access to the minimum number of administrators. Monitor for unauthorized access.
Rotate Certificates Regularly
Rotate IdP signing certificates on a defined schedule. This limits the utility of a stolen certificate and ensures your SP configurations are tested for certificate changes.
Detect Forged Assertions
Monitor for SAML assertions that do not correlate with IdP authentication events. If a service provider receives a valid SAML assertion but the IdP has no record of issuing it, that is a strong indicator of Golden SAML.
How Safeguard.sh Helps
Safeguard.sh provides visibility into the authentication libraries and identity infrastructure components in your software supply chain. It identifies vulnerable SAML libraries in your applications, tracks the versions of XML parsing and cryptographic libraries your SAML implementations depend on, and alerts when critical vulnerabilities are discovered in these components. When a SAML library CVE is published, Safeguard.sh identifies every application in your organization that uses the affected library.