help with push attributes and potential curl ssl problem

Cantor, Scott cantor.2 at
Mon May 12 12:20:23 EDT 2014

On 5/12/14, 12:01 PM, "Ben Marsh" <blmarsh at> wrote:

>I am using centos 6.3 and I think that libcurl has ssl support compiled
>in so  I dont think that
> recompiling anything will help. (But I could be wrong)  Am I wrong?

Yes and no.

>Anyway I was told by the IdP vendor that I might have a way to avoid this
>all together by getting the user attributes the IdP sends me rather than
>asking for them seperately.  This is what I need help with.

You don't do queries when SAML 2 is used, so you are wasting your time on
it. The IdP isn't releasing any attributes, and that's the problem.

They are not going to require you to query for them and if you did, you'd
get nothing back anyway. For another thing, your SOAP query trace was
going to port 443, and that's almost certainly wrong, and suggests the
IdP's metadata is also wrong.

-- Scott

More information about the users mailing list