Ex: Re: authnrequest with no ACS info
Paul B. Henson
henson at cpp.edu
Thu Oct 27 23:14:01 UTC 2022
On Thu, Oct 27, 2022 at 11:07:29PM +0000, Cantor, Scott via users wrote:
> There's nothing wrong with defaulting the endpoint, but it is illegal
> in SAML to use the redirect binding for a response in SSO. You can do
> logout responses and other messages, but not full SSO that way, so the
> IdP does not look for that binding and can't find any eligible one to
> use.
Excellent, thanks much for the technical detail to flush out my "you're
doing it wrong" message :).
--
Paul B. Henson | (909) 979-6361 | http://www.cpp.edu/~henson/
Operating Systems and Network Analyst | henson at cpp.edu
California State Polytechnic University | Pomona CA 91768
More information about the users
mailing list