unsolicited SSO question regarding AuthnRequestsSigned="true"
Cantor, Scott
cantor.2 at osu.edu
Tue Oct 22 12:47:10 EDT 2019
On 10/22/19, 12:41 PM, "users on behalf of Les LaCroix" <users-bounces at shibboleth.net on behalf of llacroix at carleton.edu> wrote:
> Quibble. There is no SAML stanza "samlp:AuthnRequest" being received by the IdP unless the IdP itself is generating
> it. There certainly isn't anything being provided by my browser like what would be redirected through the browser
> for an SP-initiated session.
It's just a proprietary binding for the exact same information. The core information in an AuthnRequest is an SP entityID, an AssertionConsumerServiceURL, and of lesser importance a timestamp. That's exactly what's in the query. An AuthnRequest is simply a standardized form for the information with additional features, but they're both identical in every other sense (and yes, the IdP does manufacture one to provide the information to the rest of the code in the same way).
-- Scott
More information about the users
mailing list