Missing attribute from SAML2 response

[Cantor, Scott]

On 11/7/12 12:00 PM, "David Bantz" <dabantz at alaska.edu> wrote:

>Prior to the block of encrypted data in the logs should be something like
>'SAML assertion to be encrypted:' with the clear-text SAML assertion.

On the IdP, yes, but he's on the other end. The SP logs provide enough
evidence of whether an attribute is included without needing the IdP log
or the decrypted assertion (though all recent/supported versions do log
the decrypted assertion).

-- Scott