Been testing the latest SAML work, and it looks good.

- Fetching metadata now works
- Setting a different default sig alg works

Two things:

- Is it possible to give IdPs a friendly name?
- How do you add more than one?

-- 
Erik

On Wed, Jun 3, 2015 at 8:55 PM, Erik Weber <[email protected]> wrote:

> On Wed, Jun 3, 2015 at 11:52 AM, Erik Weber <[email protected]> wrote:
>
>>
>> On Wed, Jun 3, 2015 at 11:10 AM, Rohit Yadav <[email protected]>
>> wrote:
>>
>>> Hi Erik,
>>>
>>> > On 02-Jun-2015, at 11:04 pm, Erik Weber <[email protected]> wrote:
>>> >
>>> > Possible improvement:
>>> >
>>> > If saml2.idp.id is blank, try getting it from the metadata. I don't know
>>> > about all other IdPs, but at least with Microsoft ADFS the IdP id is part of
>>> > the <EntityDescriptor> tag.
>>> >
>>> > Example:
>>> > <EntityDescriptor ID="_66183bea-76b8-4838-9579-6d17a2357d3d"
>>> > entityID="http://ppfs.infostorm.no/adfs/services/trust"
>>> > xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
>>> >
>>> > saml2.idp.id in this case is: http://ppfs.infostorm.no/adfs/services/trust
>>>
>>> Thanks for suggesting, will fix this, and thanks for all your help in
>>> testing ADFS with the auth plugin.
>>>
>>> In future, you’ll only need to give it the metadata URL.
>>>
>>> I’m working on something to support multiple IdP servers, say in case of
>>> federated login systems where the metadata may have multiple IdP servers.
>>> In that case this setting will be useful to identify the default IdP server
>>> (will change the config name).
>>
>>
>>
>> Sounds reasonable :-)
>>
>>
>
> By the way, let me know if you want assistance in troubleshooting the
> metadata download failing on https.
>
> --
> Erik
>
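
The fallback discussed in this thread (take saml2.idp.id from the metadata's entityID when the setting is blank, and require an explicit choice when the metadata lists several IdPs), as an added example that is not part of the original emails and is not CloudStack's code. The function names and the two example.org entities are hypothetical, and the sketch assumes the metadata's transport or signature has already been verified elsewhere.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
PROTO = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample: federation metadata with two IdPs and one SP. The first
# entityID is the one quoted in the thread; the example.org ones are made up.
SAMPLE_METADATA = f"""\
<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <EntityDescriptor entityID="http://ppfs.infostorm.no/adfs/services/trust">
    <IDPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
  </EntityDescriptor>
  <EntityDescriptor entityID="https://idp2.example.org/saml">
    <IDPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
  </EntityDescriptor>
  <EntityDescriptor entityID="https://sp.example.org/saml">
    <SPSSODescriptor protocolSupportEnumeration="{PROTO}"/>
  </EntityDescriptor>
</EntitiesDescriptor>
"""


def idp_entity_ids(metadata_xml):
    """Return the entityID of every entity that has an IDPSSODescriptor."""
    if "<!DOCTYPE" in metadata_xml:
        # SAML metadata never needs a DTD; refusing it avoids entity tricks.
        raise ValueError("DTD in SAML metadata rejected")
    root = ET.fromstring(metadata_xml)
    ids = []
    # iter() includes the root, so this covers a lone <EntityDescriptor>
    # (the ADFS case) as well as an <EntitiesDescriptor> wrapper.
    for entity in root.iter(MD + "EntityDescriptor"):
        entity_id = (entity.get("entityID") or "").strip()
        if entity_id and entity.find(MD + "IDPSSODescriptor") is not None:
            ids.append(entity_id)
    return ids


def resolve_idp_id(configured, metadata_xml):
    """Pick the IdP id: the configured value, else the only IdP in metadata."""
    found = idp_entity_ids(metadata_xml)
    configured = (configured or "").strip()
    if configured:
        if configured not in found:
            raise ValueError(f"saml2.idp.id {configured!r} not in metadata")
        return configured
    if len(found) == 1:
        return found[0]
    raise ValueError(f"saml2.idp.id is blank and metadata has {len(found)} IdPs")
```

Refusing to guess when the setting is blank and the metadata holds more than one IdP keeps a federation feed from silently deciding which identity provider the service trusts.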
