SP Signed SAML requests
shibbolethlynda at yahoo.com
Mon Feb 18 16:37:28 EST 2013
OK, rule added and issue resolved (for two different PingFederate IDps). For what it's worth, anyone connecting to Ping Identity's Ping Federate IDp will have to have request signing turned on to work with that system. According to my customer, they cannot turn that off on their side.
From: "Cantor, Scott" <cantor.2 at osu.edu>
To: Shib Users <users at shibboleth.net>
Sent: Monday, February 18, 2013 1:12 PM
Subject: RE: SP Signed SAML requests
> Having turned off signing, I have a customer now that reports this error:
> Error from identity provider:
> Status: urn:oasis:names:tc:SAML:2.0:status:Requester
> Message: Signature required
> Will I need to set a rule like this for them?
Yeah, more or less.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users