Banner 9 Application Navigator - sends AuthnRequest as POST
Lipscomb, Gary
glipscomb at csu.edu.au
Mon Dec 10 16:06:00 EST 2018
Hi Rod, Peter
For some reason the vendor manually edited the idp metadata :-( . After using the HTTP-POST endpoint SSO is starting to work. Some issues with http and https to sort out now.
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Peter Schober
Sent: Monday, 10 December 2018 23:02
To: users at shibboleth.net
Subject: Re: Banner 9 Application Navigator - sends AuthnRequest as POST
* Lipscomb, Gary <glipscomb at csu.edu.au> [2018-12-10 06:07]:
> The vendor is telling us they can't change it from a POST and that
> we need to reconfigure Shibboleth.
What Rod said. You gave them the wrong endpoint (i.e., the one for
your HTTP-Redirect protocol binding). Providing them with your
endpoint for HTTP-POST binding should Just Work™.
If the software picked that by itself from SAML 2.0 metadata it would
be broken. Providing it with metadata containing only the POST binding
for SSO would avoid even that issue.
-peter
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list