-
We are successfully using SAML and implementing the redirect protocol. However, one of the IDP that we're testing against is more strict as it verifies the ProtocolBinding option. What am i missing? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
First of all at the time when this discussion was started
About this part of your question:
See SAML specifications (list is provided e.g. here: #326 (comment) ). IMHO you are missing that based on Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 Chapter 3.4 Authentication Request Protocol (lines 1968 - 2323 of that document)
i.e. it tells which binding of the ACS at the SP side should be used when IdP delivers response.
and about this part of your question:
It seems that about this:
Have you configured (with SAML metadata or manually) different protocol binding to IdP side for your SP (e.g. artifact binding) or maybe incorrect ACS URL? |
Beta Was this translation helpful? Give feedback.
First of all at the time when this discussion was started
master
pointed to versione691ccf39b9f3521268fc31b8b8f099beae4654c
so here is your question re-written so that links pointing tomaster
are replaced with links pointing to exact version in order to preserve situation for anyone who lands this discussion in the future (and after content ofmaster
branch has evolved):