How to override DefaultRelayingParty values for an SP in relaying-party.xml
Peter Schober
peter.schober at univie.ac.at
Wed Nov 19 16:32:36 EST 2014
* mrahman <mrahman at brookdalecc.edu> [2014-11-19 22:22]:
> I forgot, the SP i was working with was weired and was sending auth request
> to https://idphostname/idp/profile/SAML2/Redirect/SSO address with POST
> binding.
Well, they should fix the endpoint or the binding then, so that they
match.
> Needed to use the same value in the provider id for the relaying
> party element (instead of the idp entity id) and the rule started
> matching.
Nate told you what needs to go into that element, and so would have
the documentation,
https://wiki.shibboleth.net/confluence/display/SHIB2/IdPRelyingParty
"provider - the entity ID used by the IdP when responding to this relying party"
Entering anything else that what the docs say is just asking for
trouble. Maybe that even means the SP is using the IDPs entityID in
its authentication request?
-peter
More information about the users
mailing list