Blackboard Transact and IdP 3

IAM David Bantz dabantz at
Tue May 24 13:28:16 EDT 2016

Here's my working v2 relying party config for Transact:

<!-- BlackBoard Transact does not support encryption; uses
AttributeQuery 2014-10-23 -->
       <ProfileConfiguration xsi:type="saml:SAML2SSOProfile"
encryptAssertions="never" encryptNameIds="never" />
xsi:type="saml:SAML2AttributeQueryProfile" encryptAssertions="never"
encryptNameIds="never" />

Additional unique aspects of the Transact SP are:

<!-- Bb Transact require something like ePPN in the SAML Subject -->

<!-- Bb Transact requires its own unique FriendlyNames so add
definitions and encoders with those FriendlyNames -->

David Bantz

On Tue, May 24, 2016 at 8:24 AM, Peter Schober <peter.schober at>

> * James McCartin <jmccartin at> [2016-05-24 17:56]:
> > The SP does ignore the attributes sent in the HTTP POST and then
> > queries the IdP.  What can I look at to confirm that my v3 IdP
> > supports this type of attribute query?
> The documentation? I have no idea how you deployed your IDP, how you
> decided supported SOAP queries, on what port, involving what
> containers, etc.
> Assuming for now you have properly configured SOAP support, I'd start
> with making sure the port you publish for your IDP's
> AttributeAuthority endpoints is open on the firewall.
> I.e., if is your IDP
> make sure that can be reached
> from the outside world -- it currently isn't.
> If in doubt look at the SAML Metadata the SP in question has about
> your IDP, and make sure the endpoints puiblished there are reachable.
> -peter
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list