change IdP IP address and unknown artifact

Cantor, Scott cantor.2 at
Mon Nov 24 10:53:40 EST 2014

On 11/24/14, 3:30 PM, "Athanasios Douitsis" <aduitsis at> wrote:
>>Nope, the messages are actually on the new IP.  My first thought was DNS
>>TTL, but the old IP was actually down as I had stopped the jail. So I
>>shouldn't be able to see server if that was so.

Well, the only explanation I can think of is that the clients are still 
hitting the old server and getting artifacts to resolve that aren't on the 
new one. That's just the only possibility.

>The new IP gets the request to /profile/SAML2/SOAP/ArtifactResolution
>normally, but for some reason doesn't know about the artifact being
>requested. Query, the artifact value is completely opaque, right?

No, not really. The message ID portion is opaue, but not the rest of it.

-- Scott

More information about the users mailing list