11:41 a.m.
Sorry, typing too fast:
I meant that that SATOSA should NOT send an empty RelyState.
Am 2018-04-22 um 11:39 schrieb Rainer Hoerbe <rh at
identinetics.com>:
[SAML-Bindings] says in the HTTP POST binding section:
831 If a SAML request message is accompanied by RelayState data, then the SAML responder
MUST return
832 its SAML protocol response using a binding that also supports a RelayState
mechanism, and it MUST
833 place the exact data it received with the request into the corresponding RelayState
parameter in the
834 response.
835 If no such [E31]RelayState data is included with a SAML request message, or if the
SAML response
836 message is being generated without a corresponding request, then the SAML responder
MAY include
837 RelayState data to be interpreted by the recipient based on the use of a profile or
prior agreement
838 between the parties.
Insuniating that the proxy is the smart party I guess that SATOSA should send and empty
RelyState.
- Rainer
Am 2018-04-19 um 15:06 schrieb Matthew X.
Economou <xenophon at irtnog.org <mailto:xenophon at irtnog.org>>:
Hello again,
We have a SP that sends a SAMLRequest without a RelayState. SATOSA's
SAMLResponse includes a RelayState of "None". This causes the SP to
redirect the user to a non-existent URL.
Is this a bug in SATOSA, for blindly serializing a Python None value?
Or is this a bug in the SP, for not including a valid RelayState value
with its SAMLRequest?
Best wishes,
Matthew
--
"The lyf so short, the craft so longe to lerne."
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se <mailto:satosa-users at lists.sunet.se>
https://lists.sunet.se/listinfo/satosa-users
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users