[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: Behavior when skipEndpointValidationWhenSigned is used but ProtocolBinding isn't set
From: "Cantor, Scott via users" <users () shibboleth ! net>
Date: 2024-02-28 18:58:40
Message-ID: F4F164D0-3333-40C3-8A90-AC0DAEDA0B4A () osu ! edu
[Download RAW message or body]
> Since we're relying on the signed AuthnRequest instead of the
> AssertionConsumerService metadata element, would the missing
> ProtocolBinding explain the failure we're seeing?
Yes.
It's also non-standard behavior, so worth bearing in mind that I don't think anything \
else supports it (I imagine some don't validate period, but I don't think it's common \
in SAML to only behave that way with a signature). I use it for a few internal SPs \
since there's more control but would never count on it in any federated scenario as \
an SP (if that matters).
-- Scott
--
For Consortium Member technical support, see \
https://shibboleth.atlassian.net/wiki/x/ZYEpPw To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic