Qualtrics integration changes
Karla Borecky
kborecky at smith.edu
Fri Mar 16 08:55:21 EDT 2018
I have a separate standalone metadata file for Qualtrics (for Smith, just
like Lee's example) and I didn't have to add an exception to relying-party.
That was a long while ago, though, so I don't know if something changed.
On Fri, Mar 16, 2018 at 8:23 AM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> > I suggested that Qualtrics should add WantAssertionsSigned="true" to
> their
> > metadata, but the InCommon metadata management form does not appear to
> > allow that.
>
> It's something that usually demonstrates a non-compliant SAML SP, so I at
> least advised them that it was possibly going to incent bad behavior to
> start allowing it. That doesn't inherently mean it's a bad idea but it was
> something to consider.
>
> > In case I am forced to add an override for Qualtrics to our
> relying-party.xml,
> > has anyone else done this already? I obviously need to sign assertions,
> but do I
> > need to explicitly not sign responses?
>
> Once an SP is broken, there is no way to a priori know how broken it
> actually is. This presumes Qualtrics has no *actual* reason to be requiring
> them to be signed that is independent of the profile, such as an auditor
> saying something that they somehow translated into "they have to be signed".
>
> -- Scott
>
> --
> For Consortium Member technical support, see https://wiki.shibboleth.net/
> confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
Karla Borecky
Systems Administrator
ITS
Smith College
Northampton, MA 01063
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180316/3c6acd24/attachment.html>
More information about the users
mailing list