CAS OOB exception

Marvin Addison serac at
Fri May 24 14:31:56 EDT 2019

On Fri, May 24, 2019 at 11:54 AM Liam Hoekenga <liamr at> wrote:
> Does that mean that the only as long as the CAS entityID includes an ampersand, we won't be able to create metadata for this SP and will have to fall through to the service registry?

I'm going from memory, but I'm fairly certain that there's no reason
you should be including query string parameters in your CAS entity
IDs. Why do you think you need them?

> I know that ACS location can be a substring of what's being requested, but I assume that the entityID is an exact match (which would is hard since it contains and requires an illegal character).

You're correct about substring matching with ACS locations, but that's
all that matters for finding a matching relying party. For the
purposes of the attribute filter subsystem, the matching is whatever
predicates you've defined in the config, so exact match or whatever.
But I'm pretty sure you can choose a more sensible entity ID and
everything should work.


More information about the users mailing list