On Wednesday the 12th of October at 11:30 we will update the Feide login systems.
Important:
This update includes a change to prevent external sites from embedding the login page using iframes. This is done to improve security with regards to clickjacking attacks. Any services where more than 1% of logins have been done through embedding will continue to work as before for now. If you are relying on embedding the login page, please start work on alternate flows as soon as possible.
Changes:
* Send headers for login page to prevent embedding in iframes
* Update of underlying SimpleSAMLphp library version
* Minor bugfixes and internal improvements
If you have any questions or concerns about this update, please contact us at kontakt(a)sikt.no.
A side note: This message is sent via our new mailing list feide-updates(a)lister.sikt.no. All existing subscribers have been transfered.
--
Regards,
Morten Knutsen
Sikt / Feide