Add static/custom attribute with ACS Url

[Santu Ghosh]

Thanks Tom for you response.

Yes SP initiated working perfectly for all partner.
When I hit my SP initited url, ultimatly it redisrects to a url like bellow.




On Wed, Feb 7, 2018 at 9:47 PM, Tom Scavo <trscavo at gmail.com> wrote:

> On Wed, Feb 7, 2018 at 4:15 PM, Santu Ghosh <mon.snahasish at gmail.com>
> wrote:
> >
> >>but in an IdP-initiated flow, the IdP can
> > add whatever RelayState value the SP will understand (presumably by
> > prior agreement).
> >
> > Can you please give me an example how to add an parameter in an ACS url
> ??
>
> Let's back up a bit. First you need to understand how RelayState works
> in an SP-initiated flow: The SP attaches a RelayState parameter to the
> redirect URL, which the IdP is REQUIRED to return on the round trip.
> This is documented in the SAML standard.
>
> Presumably the SP includes a RelayState parameter so that it knows
> where to redirect the user at the very last step of the flow. Are your
> SPs that support SP-initiated doing this now? If not, I'm not sure why
> you're concerned with the SP that doesn't support SP-initiated. Either
> you need RelayState for all of them or none of them.
>
> That said, an IdP-initiated flow is inherently non-standard. The IdP
> could add an arbitrary RelayState parameter to the POST response but
> the SP may not understand it since the request did not originate at
> the SP. So if anything good happens in the IdP-initiated case it is by
> prior agreement only. If the IdP passes a RelayState parameter that
> the SP understands, then that means they colluded on its semantics.
> That's great.
>
> HTH,
>
> Tom
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/
> confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>



-- 
Snahasish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180208/cb02f179/attachment.html>