SP ACS extra query string parameter rejected by IdPv3, not rejected by IdPv2

Tom Zeller tzeller at dragonacea.biz
Sun Mar 13 15:18:05 EDT 2016


>> Which behavior is correct?  IdPv2 being tolerant of the extra parameter, or IdPv3 rejecting it?  Is this a bug in IdPv3, or is this an issue I need to bring up with the service provider?
> 
> It's a bug in V2 apparently, though I don't know how that's possible at this late a date. People have encountered this before, so I was fairly certain the behavior wasn't new.

Not exactly sure, but it looks like the V2 AuthnResponseEndpointSelector checks the ACSURL index then the location, while the V3 DefaultEndpointResolver checks the location then the index.



More information about the users mailing list