Specifying relayState to pass plain URL format for SLO in SP settings

Cantor, Scott cantor.2 at osu.edu
Mon Apr 25 09:10:05 EDT 2016

> I don't remember why we chose years ago to set relayState="ss:mem" in
> the <Sessions> element when moving to the new configuration file format:
> it could have been taken from an example file perhaps.

AFAIK, that's still the default. Setting it differently for different profiles isn't typical, so setting it in the Sessions element is the normal way of globally altering it.

> We are not going to change the settings for other SPs, if there is no
> pressing reason to remove relayState="ss:mem" from <Sessions>. If
> someone has a good argument for leaving it at the default, I would be
> happy to bring it up at management level and make that change (the more
> defaults the easier to manage our own changes).

You have to distinguish between "default if not set" and "default as shipped". The shipping default now is ss:mem, that is the recommendation. It is NOT recommended to expose resource URLs in RelayState, and it isn't even legal, strictly speaking, RelayState is limited to 80 bytes.

-- Scott

More information about the users mailing list