Addition of SAML2 support for SP

Cantor, Scott cantor.2 at
Thu Nov 8 15:17:16 EST 2012

On 11/8/12 3:12 PM, "Ian Young" <ian at> wrote:
>Presumably that's true now if the SP has only SAML 1 metadata?  Which is
>to say, it's not making anything worse?

It depends on error handling and discovery, but yes, in some sense it
might just be changing where the error shows up. But that would be a sign
of a discovery problem in terms of how things are deployed. If you give
users the option to pick an IdP that doesn't actually work for your
system, then of course it will break but that's a fixable issue by
changing discovery.

-- Scott

More information about the users mailing list