question about IdP initiated SSO
Peter Schober
peter.schober at univie.ac.at
Mon Jul 29 13:51:34 EDT 2013
* Joy Veronneau <jv11 at cornell.edu> [2013-07-29 19:34]:
> Thanks for all the tips. I can see that the InCommon metadata for
> them doesn't have the issue so I am trying to find out why they are
> using AuthnRequestsSigned="true" in test.
As others have pointed out that metadata is fine and the problem will
not happen when starting at the SP (with an actual authnRequest).
Mark said he's using this same SP with SP-initiated logins, so
forgetting about IdP-initiated seems like an obvious route.
Or override your local copy of metadata for that SP (removing that
attribute), at least temporarily/for testing purposes.
-peter
More information about the users
mailing list