Does SP3 not sign authn requests by default?

Cantor, Scott cantor.2 at
Wed Jul 25 17:41:00 EDT 2018

On 7/25/18, 5:00 PM, "users on behalf of Wessel, Keith" <users-bounces at on behalf of kwessel at> wrote:

> This was still there after the upgrade to 3.0 but didn't result in the authn request to the IdP being signed. The signing 
> attribute had to be added to the <ApplicationDefaults> elemnt before the IdP would skip endpoint validation again, or 
> so it appears.

That's probably something subtle connected to the legacy configuration support but I don't know whether the change is intentional or not. I would guess it's a bug, and even if not I hadn't documented it as changing.

-- Scott

More information about the users mailing list