ExternalApplicationOverrides and IdP Initiated

Cantor, Scott cantor.2 at osu.edu
Fri Apr 24 12:26:43 EDT 2020

On 4/24/20, 12:15 PM, "users on behalf of Chris Stefano" <users-bounces at shibboleth.net on behalf of Chris.Stefano at statpro.com> wrote:

> I'm using an ExternalApplicationOverrides
>  to load ApplicationOverride's from separate files for
> each domain I have.

There are very few cases left that require them, so the usual answer is to just stop using them. Vhosting doesn't require them, nor does assigning unique entityIDs.

I'd have to attempt to reproduce it but it's plausible that's a bug. File it and I'll eventually get back to it, but there probably won't be an SP patch barring security issues for a good while.

> If it helps, I can put together a working scenario using docker/compose to replicate the issue.

I wouldn't have any idea what to do with it, sorry. IdP initiated SSO is straightforward to reproduce a test for.

-- Scott

More information about the users mailing list