palakova

Validate asserting party metadata signature

2

Various elements in metadata can be digitally signed. Although signatures are optional, according to [SAML specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf), section _4.3.3.2 Processing Signed Documents and Fragments_, "Metadata consumers MUST validate signatures, when present."...

Make name resolution configurable in OpenSamlLogoutRequestValidator

4

**Describe the bug** Spring SAML considers NameID to hold username, populates `Saml2AuthenticatedPrincipal#name` with NameID value and later in Single Logout flow again populates/validates NameID value using Principal Name. This behaviour...