Disable replay policy for one relying party
N.Howes at warwick.ac.uk
Tue Mar 6 05:54:15 EST 2018
Is it possible to disable a security rule (or use a different TrustEngine) for a specific relying party? I've got an ADFS instance with a SAML2 SSO redirect that the browser is replaying to our IdP due to the cache headers ADFS is sending. A user would sporadically see this as a 404.
Ideally ADFS would send better cache headers, but I am looking into this in case that's not possible. Since its AuthnRequest isn't signed, I don't think there's any danger in allowing a replayed request.