<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
By adding the a <tt><b>p:responderId</b></tt> to the section of my
relying-party.xml specifically for this SP, login now works:<br>
<br>
<tt><bean parent="RelyingPartyByName"
c:relyingPartyIds=<a class="moz-txt-link-rfc2396E" href="https://acme.com/sp/shibboleth">"https://acme.com/sp/shibboleth"</a> </tt><tt><b>p:responderId=<a class="moz-txt-link-rfc2396E" href="https://xxxx.yyyy.zzzz/idp/shibboleth">"https://xxxx.yyyy.zzzz/idp/shibboleth"</a></b></tt><tt>></tt><tt><br>
</tt><tt> .....<br>
.....<br>
</bean></tt><tt><br>
</tt><br>
Right/wrong/indifferent<br>
<br>
Thanks,<br>
Don<br>
<br>
<div class="moz-cite-prefix">On 8/6/20 2:18 PM, Les LaCroix wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+0uUd86Sg=McOj+SPy9L8V4gorwrFHfCpHP2TqRbrQhCudM7A@mail.gmail.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div class="gmail_default" style="font-family:trebuchet
ms,sans-serif;font-size:small;color:#073763">Surely, if I'm
not aware of a feature, it must be obscure. (just kidding)</div>
<div class="gmail_default" style="font-family:trebuchet
ms,sans-serif;font-size:small;color:#073763"><br>
</div>
<div class="gmail_default" style="font-family:trebuchet
ms,sans-serif;font-size:small;color:#073763">I think, though,
I'm pretty happy that I haven't had the need to
override responderId yet.</div>
<div class="gmail_default" style="font-family:trebuchet
ms,sans-serif;font-size:small;color:#073763"><br>
</div>
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr"><br>
<table
style="color:rgb(136,136,136);border:none;border-collapse:collapse">
<tbody>
<tr style="height:0pt;border-top:1pt solid
rgb(204,204,204)">
<td style="border-right:1pt solid
rgb(204,204,204);vertical-align:middle;padding:5pt;overflow:hidden">
<p dir="ltr"
style="line-height:1.2;margin-top:0pt;margin-bottom:0pt"><a
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.carleton.edu_&d=DwMFaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=KXGyT1pu743_ZUqKvh3n1hk-cwLSZdmeQEXNUOJt8ig&s=4zTWJXfhNo7adFHb5z_YdZt-H1qItxTHQhgdo3Y2ALQ&e="
target="_blank" moz-do-not-send="true"><span style="font-size:11pt;font-family:Arial;color:rgb(17,85,204);vertical-align:baseline;white-space:pre-wrap"><span style="border:none;display:inline-block;overflow:hidden;width:70px;height:73px"><img src="https://lh6.googleusercontent.com/QEL1To3Ci_dJA1huaKzfZ0Lf4MaZlAy_f-W3vQjbyzNq_yXq_ZYGv3tuT4dkaZS_bZ5X6fZR4iKzBboZhxbCF5htZFnLNKGqmrzHsVJtsjsy0pfK5w2z0Dlq-EtZcWhv0PxBpWmR" style="margin-left:0px;margin-top:0px" moz-do-not-send="true" width="70" height="73"></span></span></a></p>
</td>
<td style="border-left:1pt solid
rgb(204,204,204);vertical-align:top;padding:10.8pt;overflow:hidden">
<p dir="ltr"
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font
face="Arial" color="#dea410"><span style="font-size:14.6667px;white-space:pre-wrap"><b>Les LaCroix '79</b></span></font></p>
<p dir="ltr"
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span
style="color:rgb(11,80,145)"><span style="font-size:11pt;font-family:Arial;vertical-align:baseline;white-space:pre-wrap">Strategic Technologist</span></span></p>
<p dir="ltr"
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span
style="color:rgb(11,80,145)"><span style="font-size:11pt;font-family:Arial;vertical-align:baseline;white-space:pre-wrap">Information Technology Services</span></span></p>
<p dir="ltr"
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span
style="color:rgb(11,80,145)"><span style="font-size:11pt;font-family:Arial;vertical-align:baseline;white-space:pre-wrap">t: (507) 222-5455</span></span></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Aug 6, 2020 at 12:55
PM Cantor, Scott <<a href="mailto:cantor.2@osu.edu"
moz-do-not-send="true">cantor.2@osu.edu</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On
8/6/20, 1:38 PM, "users on behalf of Les LaCroix" <<a
href="mailto:users-bounces@shibboleth.net" target="_blank"
moz-do-not-send="true">users-bounces@shibboleth.net</a> on
behalf of <a href="mailto:llacroix@carleton.edu"
target="_blank" moz-do-not-send="true">llacroix@carleton.edu</a>>
wrote:<br>
<br>
> Last resort for me would be to run a completely
separate SAML provider.<br>
<br>
I'm not sure I buy the value of running a second IdP instead
of adding<br>
<br>
p:responderId="secondentityid"<br>
<br>
to a file.<br>
<br>
I entirely agree it's a bad thing to agree to, but not because
it's hard. It's one of the least invasive "bad idea" changes I
could think of in fact, and it's certainly not obscure.<br>
<br>
-- Scott<br>
<br>
<br>
-- <br>
For Consortium Member technical support, see <a
href="https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_x_coFAAg&d=DwMFaQ&c=eLbWYnpnzycBCgmb7vCI4uqNEB9RSjOdn_5nBEmmeq0&r=Pa2DB88IW_s2TyLfktHtWA&m=KXGyT1pu743_ZUqKvh3n1hk-cwLSZdmeQEXNUOJt8ig&s=-Tc1tGL8TvJCUEWTZHTQgIBpO23XX9RAtYPEsso2pl0&e="
rel="noreferrer" target="_blank" moz-do-not-send="true">https://wiki.shibboleth.net/confluence/x/coFAAg</a><br>
To unsubscribe from this list send an email to <a
href="mailto:users-unsubscribe@shibboleth.net"
target="_blank" moz-do-not-send="true">users-unsubscribe@shibboleth.net</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
D o n a l d L o h r
I n f o r m a t i o n S y s t e m s
J a m e s M a d i s o n U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0
</pre>
</body>
</html>