SAML Proxy to Azure: odd IdP session timeout behavior
Cantor, Scott
cantor.2 at osu.edu
Wed Jun 23 20:31:55 UTC 2021
On 6/23/21, 4:20 PM, "Jeffrey Williams" <jfwillia at uncg.edu> wrote:
> Luckily, I can reproduce in a dev environment as well. I'll attach the log for it(idp-process and a saml-tracr).
The list won't accept anything that big, just file a bug and attach them.
> This one is slightly different from the client experience in that it starts with an SP-initiated request, gets
> redirected to Azure, where it prompts me to select a running Azure session, then it heads back to shib where
> the error. The client notes that they go to their SP and never get transitioned to Azure.
I think either Azure has a bug, or there's some non-understood behavior with it, but I really don't know at this stage. There should NOT be an issue with any cross-talk between requests by one client, the External method was patched a while back to deal with that problem and this just piggybacks.
But somehow there's a duplicate step that isn't supposed to be possible and I don't know how it can be happening, hopefully the HTTP trace will point to something.
-- Scott
More information about the users
mailing list