Unsoclicited SSO questions

Peter Schober peter.schober at univie.ac.at
Thu May 28 10:30:54 EDT 2015

* Johan Romin <johan.romin at egbs.se> [2015-05-28 16:21]:
> <div dir="ltr">Hi!</div>

Please don't post HTML-only messages to public mailing lists.

> The service provider I'm going to integrate with requires a signed
> authn request and supports only idp initiated flow.

An SP sends authn requests (or not, as in this case), an IDP provides
responses (containing assertions).  The above doesn't make any sense,
as a SAML2 authentication request is a SAML protocol message is issued
(and possibly signed) by the SAML Service Provider.
They cannot sign it and not support generating/sending it.

So that "requirement" just a contradiction in terms.

More information about the users mailing list