Help Needed: Shibboleth SP handling of 'Recipient' SAML Attribute
cantor.2 at osu.edu
Mon Jun 29 23:17:38 UTC 2020
On 6/29/20, 7:01 PM, "users on behalf of Nate Klingenstein" <users-bounces at shibboleth.net on behalf of ndk at signet.id> wrote:
> Right, sorry, I was looking at the recipient attribute of the EncryptedAssertion element rather than the decrypted
> assertion. Is there a reason why that's the entityID rather than the ACS?
They're two completely different standards with different uses for an attribute that happens to be named the same thing. The name in SAML should have just been Destination, it was a bad choice.
More information about the users