Actually according to the SAML2 Specification it should not be returning
the InResponseTo for any unsolicited/ IdP Initiated
SSO's: https://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
4.1.5 Unsolicited Responses
An identity provider MAY initiate this profile by delivering an
Is this push going to resolve this issue?
https://github.com/apereo/cas/blame/7fca3208abdf1b39bb15662a2d5c66c7284276b2/support/cas-server-support-saml-core-api/src/main/java/org/apereo/cas/support/saml/util/AbstractSaml20ObjectBuilder.java#L355
Thank you,
Matt
On Friday, September 8, 2023 at 3:3
@mmoayyed
Thank you for fixing this
https://github.com/apereo/cas/commit/b0e9a98f5003e477a6816fd57b3474aea4513f12
Thank you,
Matt
On Tuesday, September 19, 2023 at 9:14:23 AM UTC-4 Matthew Gordon wrote:
> Is this push going to resolve this issue?
>
>
> https://github.com/apereo/cas/blame/7fca32
