IdP 3.3.1 to 3.4.6 -- transientID difference?
Leonard J. Peirce
leonard.peirce at wmich.edu
Fri Feb 14 16:10:26 EST 2020
Full disclosure: the 3.4.6 I'm using is a new install.
In configuring 3.4.6 I naturally tried to keep our config as
similar to 3.3.1 as possible but an SP we support is having
an issue. The config for the SP is very simple, only two
attributes being released.
Looking at the audit log entries for the SP for 3.3.1 and
3.4.6 I see small differences namely, 1) the transientID
in the NameID being generated is different, and 2) the last
field in 3.4.6 is "true" where in 3.3.1 is is blank.
I also test with aacli.sh and the transientID is different but
I can't think of anything that I did that would've affected it.
I've checked the configs and secret keys/passwords between the
two versions and they are the same. Looking the output of
strings for sealer.jks 3.3.1 and 3.4.6 shows minor differences.
I guess my question is: should transientID be different between
3.3.1 and 3.4.6?
More information about the users