Is skipEndpointValidationWhenSigned still an issue?
Cantor, Scott
cantor.2 at osu.edu
Wed May 25 12:34:48 EDT 2016
On 5/25/16, 12:30 PM, "users on behalf of Brent Putman" <users-bounces at shibboleth.net on behalf of putmanb at georgetown.edu> wrote:
> I noticed that the AuthnRequest has both AssertionConsumerServiceIndex and
> AssertionConsumerServiceURL, BUT no ProtocolBinding.
> Because of the absence of the binding, perhaps the URL can't be effectively evaluated?
> And if there's no metadata corresponding for that index then it wouldn't work either?
> Just speculating.
Hmm. IIRC the Shibboleth SP doesn't include ProtocolBinding by default either, so given that that's the normal case I'd be interoperating with SPs with this setting, I doubt that should matter. I think it defaults to a binding based on precedence rules in the system.
-- Scott
More information about the users
mailing list