Limitations of valid entityIDs
Nate Klingenstein
ndk at internet2.edu
Wed Jul 2 21:39:08 EDT 2014
Jacob,
SAML 2.0 requires that entityID's be valid URI's. There are a number of other providers who have not followed that rule, and it's been painful for them afterwards. I would advise choosing a URI in a namespace that they control.
Shibboleth just takes the MUSTs in the specification more literally than some implementations.
Hope this helps,
Nate.
On Jul 2, 2014, at 7:36 PM, Jacob Lundberg <jacob at collegenet.com<mailto:jacob at collegenet.com>>
wrote:
Obviously we can't set up an integration with them using this entityID.
I am curious what sort of response is recommended in this situation. Is
this considered a Shibboleth-specific limitation or SAML2, etc? What is
the specific error or limitation? I guess maybe there is some list of
valid URL method strings and University_of_Heresville is not on the
list, so it can't be followed by a : like it is?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140703/42a43bbb/attachment.html
More information about the users
mailing list