We should validate the SAMLRequest signature incoming from the Federator to have an additional layer of security