custom entityID

Brent Putman putmanb at
Thu Aug 6 20:53:41 UTC 2020

On 8/6/20 2:28 PM, Donald Lohr wrote:
> By adding the a *p:responderId* to the section of my 
> relying-party.xml specifically for this SP, login now works:
> <bean parent="RelyingPartyByName" 
> c:relyingPartyIds="" 
> *p:responderId="https://xxxx.yyyy.zzzz/idp/shibboleth"*>
>  .....
>  .....
> </bean>
> Right/wrong/indifferent
> Thanks,
> Don
If your actual requirement was to use a different cert/key AND a 
different entityID, then that would be correct.

As someone else already pointed out, if all you needed to do was use a 
different signing key/cert for that SP, then you can do that with the 
same entityID:

the "Per-Profile Credential" example.

This is not rare - although maybe not terribly common either. Most SPs 
don't care what cert/key you use - they use what you tell them.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list