No Peer Endpoint - At a loss

Cantor, Scott cantor.2 at
Thu Nov 1 11:14:40 EDT 2012

On 11/1/12 10:52 AM, "Etan Weintraub" <eweintra at> wrote:

>Unfortunately, HTTP-POST isn¹t a viable option in this scenario.
>HTTP-Redirect is the only one that works. If it was the response XML
>being too large, I would expect a different issue. This has to be a
>mismatch somewhere, and I¹m just not seeing what that isŠ.

There's no such thing as a Redirect ACS. SPs can't do SSO over redirect,
it's the exception to the "mix any binding in" rule.

As far as what the IdP would do with this, I'm not sure, but my guess is
the error is an outgrowth of that.

But anyway, full stop, SAML 2 does not specify use of redirect for SSO
profile responses.

-- Scott

More information about the users mailing list