ExternalApplicationOverrides and IdP Initiated
Cantor, Scott
cantor.2 at osu.edu
Fri Apr 24 12:26:43 EDT 2020
On 4/24/20, 12:15 PM, "users on behalf of Chris Stefano" <users-bounces at shibboleth.net on behalf of Chris.Stefano at statpro.com> wrote:
> I'm using an ExternalApplicationOverrides
> to load ApplicationOverride's from separate files for
> each domain I have.
There are very few cases left that require them, so the usual answer is to just stop using them. Vhosting doesn't require them, nor does assigning unique entityIDs.
I'd have to attempt to reproduce it but it's plausible that's a bug. File it and I'll eventually get back to it, but there probably won't be an SP patch barring security issues for a good while.
> If it helps, I can put together a working scenario using docker/compose to replicate the issue.
I wouldn't have any idea what to do with it, sorry. IdP initiated SSO is straightforward to reproduce a test for.
-- Scott
More information about the users
mailing list