Use of EncryptedID not supported in LogoutRequest

Cantor, Scott cantor.2 at osu.edu
Wed Jul 13 21:09:44 EDT 2016


On 7/13/16, 8:47 PM, "users on behalf of Lipscomb, Gary" <users-bounces at shibboleth.net on behalf of glipscomb at csu.edu.au> wrote:

> Signing is still on, as well as encryption. When encryption was turned off at the SP got
> the following
    
        <ApplicationDefaults entityID="https://scciprod01.csumain.csu.edu.au/shibboleth-sp"
                             REMOTE_USER="uid eppn"
                             signing="true",encryption="false">

You have a comma in there. That isn't valid, but I don't know if it's accurate either, or what is happening if that's in the mix.

The error returned is just the one you posted the log from, that's the IdP returning the error to the SP, and it fits the behavior when, again, the message is not signed. I simply don't see any other answer here, and it is not what I see in the code in the case of the encryption problem.

The definitive here is what message the SP is issuing. If you trace that it will be quite evident if it's signed or not, and if it's not then you can't possibly by using the configuration you're saying is used.

-- Scott




More information about the users mailing list