Hi,

I have a web application which uses an identity provider for authentication in accordance with SAML 2.0 protocol.

Does this web application (service provider) have to validate a security...