O365 auth bypass

Cantor, Scott cantor.2 at osu.edu
Wed Apr 27 13:39:36 EDT 2016

On 4/27/16, 1:34 PM, "users on behalf of Rich Graves" <users-bounces at shibboleth.net on behalf of rgraves at carleton.edu> wrote:

>> all this agonizing over their misuse of persistent ID appears to be even worse than it appeared: they apparently require it be present but don't *use* it...
>Is it even required to be present? Google's recent directions for making the general-purpose SAML IdP recently launched in Google Apps (by the way, that happened) don't even mention it. https://support.google.com/a/answer/6363817?hl=en

The repeated indications from people making it work on this list have been that not including it breaks things, so I assume it is. Only one way to tell of course.

-- Scott

More information about the users mailing list