[SAMLv2/SSO] when processing AuthnResponse with binding HTTP-Post only the assertion need to be signed

If the message is signed, the assertion is also covered, but if only the
assertion is signed, there is no error to report. If the caller ask for
forcing the validation of message signature, then we report an error.

This commit also add checking for the binding used, if it is not
HTTP-Post lasso_login_process_authn_response_msg will now report an
error.

0 files changed, 0 insertions, 0 deletions