<samlp:Response> or <saml2p:Response> in the SAML response
Brent Putman
putmanb at georgetown.edu
Tue May 2 17:02:12 EDT 2017
On 5/2/17 4:56 PM, John Dennis wrote:
> Look for the name space declaration. Is it there? If yet then the
> sender is OK and the receiver is at fault. If it's not there then it's
> the senders fault.
I can state with 99.999% certainty that the Shib IdP would not send that
namespace prefix without the corresponding namespace declaration. This
code has essentially been in use for over a decade. If there were such
an egregious bug, we would have found it long ago.
The receiver (SP) is at fault here. (And sadly, this is not unusual.
We have seen lots of fundamentally broken XML processing over the years
- like trying to do it with a regex or similar).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170502/3afb1c7e/attachment-0001.html>
More information about the users
mailing list