IdP 3.4.1 unexpectedly attempting metadata retrieval

Cantor, Scott cantor.2 at
Tue Nov 13 09:37:16 EST 2018

> When the IdP initially responds to an authentication request, it's trying to
> retrieve two of our locally defined entity groups (used in
> relying-party.xml) from an MDQ service.  We have other entity groups defined
> but they don't appear in relying-party.xml (this appears to be the
> differentiator).

That's the AffiliationDescriptor support.  There's a way to disable the lookups in the group based attribute filter function, doing it in the relying party code might not be possible without just duplcating and altering the RelyingPartyByGroup shortcut bean.

-- Scott

More information about the users mailing list