delegation in IDP3
Cantor, Scott
cantor.2 at osu.edu
Tue Jul 26 18:21:34 EDT 2016
On 7/26/16, 5:34 PM, "users on behalf of Brent Putman" <users-bounces at shibboleth.net on behalf of putmanb at georgetown.edu> wrote:
>> it helps, I will note that we use CryptoTransient IDs in v2, which I believe
>> is the default in v3. We actually ran into a bug there initially, which
>> required a patch to the extension:
>>
>> https://issues.shibboleth.net/jira/browse/SIDP-606
>>
>
> Yep, sounds like a very similar issue. Re-reading that I have absolutely no
> recollection of doing that patch, but I guess we re-discovered the problem, and
> essentially the same solution. :-)
This isn't specific to the crypto variant in V3, though it may have been in V2 (which was a bug there). The RP checking is the same regardless of how the ID is generated, so switching wouldn't work around the issue.
-- Scott
More information about the users
mailing list