]
Anil Saldhana updated JBID-163:
-------------------------------
Fix Version/s: IDFED-1.0.0.beta1
fill ProtocolBinding attribute of AuthnRequest messages
-------------------------------------------------------
Key: JBID-163
URL:
https://jira.jboss.org/jira/browse/JBID-163
Project: JBoss Identity
Issue Type: Feature Request
Components: Identity-Federation
Affects Versions: IDFED-1.0.0.alpha5
Reporter: Marcel Kolsteren
Assignee: Marcel Kolsteren
Fix For: IDFED-1.0.0.beta1
According to the SAMLv2 specification, the attributes AssertionConsumerServiceURL and
ProtocolBinding (both optional) typically accompany each other. I found that AuthnRequest
messages sent by JBID to an OpenSSO IDP are rejected, because the
AssertionConsumerServiceURL is filled, but the ProtocolBinding is left blank.
My proposal is to change the JBossSAMLAuthnRequestFactory so that it fills
ProtocolBinding with HTTP-POST. As far as I know, the other possible binding for the
assertion consumer, HTTP-Artifact, is not supported by JBID.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: