[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: Post upgrade to 4.2.1 - Invalid cookie header
From: "Cantor, Scott via users" <users () shibboleth ! net>
Date: 2022-07-08 18:51:52
Message-ID: 8B7D04B9-47DC-4937-A4A2-2C4D1FCB9433 () osu ! edu
[Download RAW message or body]
On 7/7/22, 9:03 PM, "users on behalf of Jay Fowler" <users-bounces@shibboleth.net on \
behalf of fowler@csufresno.edu> wrote:
> Just a guess ... Perhaps the ordering of the date fields is preventing the client \
> from translating it correctly?
My code has always used DD Mon YYYY, that's the intended syntax, though max-age is \
actually the normal way now.
> The http metadata was updated successfully so it didn't limit anything. However the \
> error still showed in the logs and only seems to be apply to a few providers, \
> namely:
If they're not signing and properly expiring that metadata, it's not usable anyway. \
Remote metadata from third party federations is the only proper way to consume remote \
metadata. Vendors don't do this correctly and should never be trusted like that, and \
that's even *if* you apply the proper filters to prevent one from asserting metadata \
for another, which you are probably not doing.
-- Scott
--
For Consortium Member technical support, see \
https://shibboleth.atlassian.net/wiki/x/ZYEpPw To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic