Issue with Shibboleth
Cantor, Scott
cantor.2 at osu.edu
Tue Feb 26 15:11:40 EST 2013
On 2/26/13 2:58 PM, "Joseph Griffiths" <joseph at oar.net> wrote:
>At first glance I would assume that this issue is handled via the common
>list
>https://wiki.shibboleth.net/confluence/display/SHIB2/IdPTroubleshootingCom
>monErrors but when we force a SAML2 connection the AA returns data to
>our SP. I have no idea why the 1.3 implementation of the AA is failing
>while the 2.0 works. Any direction anyone
> can provide in solving this issue would be gratefully accepted.
2.0 works because there's no query, the attributes are pushed. Their IdP
is not supporting client TLS on the back channel or it's configured
improperly, so queries aren't working. Nothing you can do about that, they
have to fix the IdP or stop supporting queries and either push attributes
all the time or dump SAML 1.1.
-- Scott
More information about the users
mailing list