delegation in IDP3

Cantor, Scott cantor.2 at osu.edu
Tue Jul 26 18:21:34 EDT 2016


On 7/26/16, 5:34 PM, "users on behalf of Brent Putman" <users-bounces at shibboleth.net on behalf of putmanb at georgetown.edu> wrote:

>> it helps, I will note that we use CryptoTransient IDs in v2, which I believe
>>    is the default in v3.  We actually ran into a bug there initially, which
>>    required a patch to the extension:
>>    
>>      https://issues.shibboleth.net/jira/browse/SIDP-606
>>    
>    
>    Yep, sounds like a very similar issue.  Re-reading that I have absolutely no
> recollection of doing that patch, but I guess we re-discovered the problem, and
> essentially the same solution. :-)

This isn't specific to the crypto variant in V3, though it may have been in V2 (which was a bug there). The RP checking is the same regardless of how the ID is generated, so switching wouldn't work around the issue.

-- Scott

    





More information about the users mailing list