IDP access to "RequesterID" ?
Liam Hoekenga
liamr at umich.edu
Tue May 23 10:08:06 EDT 2017
We're doing some integration work with Cirrus's IDP proxy, and it looks
like they reveal that entityID of the original SP making the request in the
authn statement:
<samlp:Scoping>
<samlp:RequesterID>https://killerapp.supercool.com</samlp:RequesterID>
</samlp:Scoping>
It would be awesome if we didn't have to consider all of the proxied SPs to
be the same SP. Does the IDP have access to the Scoping element (and the
RequesterID element inside of it) in a place that it could be used for
making decisions?
Liam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170523/90ee5ac2/attachment.html>
More information about the users
mailing list