cantor.2 at osu.edu
Wed Apr 1 08:31:21 EDT 2020
On 4/1/20, 8:26 AM, "users on behalf of Craig Pluchinsky" <users-bounces at shibboleth.net on behalf of craigp at iup.edu> wrote:
> I just notice occasionally in our IDP logs the messages below. I'm assuming the aaaa/AAAA is because of the case of the
That would be a deployment bug, you need to fix your subject c14n configuration to account for that.
> But I've also saw messages where the principal is different, like the second message with bbbb/CCCC. Is this an issue or
> just the session id being re-used?
Only you can decide whether it's an issue or not, it is what it is. How you choose to handle the switch is controlled by a property. The IdP can protect itself, but it can't do anything for all the applications subject to breach by a shared machiine.
More information about the users