IdP 3.x artifact resolution configuration flexibility
Scott Koranda
skoranda at gmail.com
Thu May 28 10:45:05 EDT 2015
> On 5/28/15, 2:20 PM, "Scott Koranda" <skoranda at gmail.com> wrote:
>
>
>
> >I am inquiring about the Shibboleth IdP v 3.1.1 or later.
> >
> >Suppose I want to specify the EndpointIndex the IdP is to
> >include in the artifact it sends in response to an
> ><AuthnRequest> with the HTTP-Artifact binding.
> >
> >Would that be possible with "configuration only"?
>
> Yes, it's in idp.properties, or you might want to factor it into a
> separate property file I guess to limit the "node-specific" content to
> just one property.
>
> # May differ to direct SAML 2 artifact lookups to specific server nodes
> #idp.artifact.endpointIndex = 2
Nice.
>
> (The reason it defaults to 2 is that the SAML 1 endpoint gets assigned "1"
> in the example metadata.)
>
> With the newer RP config, you can certainly override this in the file, but
> by default it will be set based on the property.
>
> I'm going to take a guess that you tried this and it didn't work, so
> there's probably a bug...
No, I simply overlooked it. Sorry for the noise.
I will be testing it and will let you know if I do see an
issue.
Thanks,
Scott K
More information about the users
mailing list