Any "gotchas" to adding in SAML 2 support?

Mark Valites mvalites at buffalo.edu
Thu Jul 5 20:24:17 EDT 2012


On Jul 5, 2012, at 7:57 PM, Eric Goodman wrote:

> I'm really just wondering if adding in the SAML2 can cause any confusion for an SP that was using SAML1 previously. Most of our SAML2 SPs are configured in our relying party to only have SAML2 support (not both SAML1 and SAML2), so I thought there might be a non-obvious way we could cause some sort of confusion between existing SPs and IdPs when we update the InCommon Metadata. And I figure there must be dozens of campuses that have already made this change, so they would be able to tell us if there's something to be wary of.

We had a couple SPs in InCommon that we were releasing a UB-specific attribute to (with a UB-specific name & oid) that didn't have the attribute's oid specified in their attribute-map. Fortunately, once the issue was discovered with the first one, the rest either all quickly updated or forced SAML1.
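The gap described above (an SP whose attribute-map lists an attribute only under its SAML1 name, so the OID-named SAML2 form is not mapped) can be checked before enabling SAML2. The following is an added example, not part of the original message: the map is a constructed sample in the Shibboleth SP attribute-map format, and the campus-specific names, the OID under 99999 and the function names are placeholders.

```python
import xml.etree.ElementTree as ET

NS = {"am": "urn:mace:shibboleth:2.0:attribute-map"}

# Constructed sample attribute-map.xml for a Shibboleth SP. The campus-specific
# name is a placeholder, not a value from the original message.
SAMPLE_MAP = """<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map">
  <Attribute name="urn:mace:dir:attribute-def:eduPersonPrincipalName" id="eppn"/>
  <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn"/>
  <Attribute name="urn:mace:example.edu:attribute-def:campusId" id="campusId"/>
</Attributes>"""

# Constructed list of what the IdP releases: (label, SAML1 name, SAML2 name).
RELEASED = [
    ("eduPersonPrincipalName",
     "urn:mace:dir:attribute-def:eduPersonPrincipalName",
     "urn:oid:1.3.6.1.4.1.5923.1.1.1.6"),
    ("campusId",
     "urn:mace:example.edu:attribute-def:campusId",
     "urn:oid:1.3.6.1.4.1.99999.1.1"),  # placeholder OID
]

def mapped_names(attribute_map_xml):
    """Return {wire name: local id} for every <Attribute> in the SP's map."""
    root = ET.fromstring(attribute_map_xml)
    return {a.get("name"): a.get("id") for a in root.findall("am:Attribute", NS)}

def saml2_gaps(attribute_map_xml, released):
    """List attributes the SP maps by SAML1 name but not by SAML2 (OID) name.

    These are the attributes that stop arriving at the application once the
    SP starts receiving SAML2 assertions from the IdP.
    """
    mapped = mapped_names(attribute_map_xml)
    gaps = []
    for label, saml1_name, saml2_name in released:
        if saml1_name in mapped and saml2_name not in mapped:
            gaps.append((label, mapped[saml1_name], saml2_name))
    return gaps

if __name__ == "__main__":
    for label, sp_id, missing in saml2_gaps(SAMPLE_MAP, RELEASED):
        print(f"{label}: mapped to '{sp_id}' by SAML1 name only; no entry for {missing}")
```
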

