How to override DefaultRelayingParty values for an SP in relaying-party.xml

Peter Schober peter.schober at
Wed Nov 19 16:32:36 EST 2014

* mrahman <mrahman at> [2014-11-19 22:22]:
> I forgot, the SP i was working with was weired and was sending auth request
> to https://idphostname/idp/profile/SAML2/Redirect/SSO address with POST
> binding.

Well, they should fix the endpoint or the binding then, so that they

> Needed to use the same value in the provider id for the relaying
> party element (instead of the idp entity id) and the rule started
> matching.

Nate told you what needs to go into that element, and so would have
the documentation,
"provider - the entity ID used by the IdP when responding to this relying party"

Entering anything else that what the docs say is just asking for
trouble. Maybe that even means the SP is using the IDPs entityID in
its authentication request?

More information about the users mailing list