edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
Re: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN
Chronological Thread
- From: Thijs Kinkhorst <thijs.kinkhorst AT surf.nl>
- To: edugain-discuss AT lists.geant.org
- Subject: Re: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN
- Date: Thu, 15 Apr 2021 12:54:03 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=surf.nl; dmarc=pass action=none header.from=surf.nl; dkim=pass header.d=surf.nl; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pSaDentUIs19m+GDISut+oa2ntSBK4slAhHG/IWtbyk=; b=JwnNPkUh0dZ3CLxN9Cu54Z8eE9Bj7gNz+QjvaQk53T8Ft8Atrm8VVlP39qLAEHBz5qnX87skUKbu23QGLYsP+/ZroAjkT+dqVAhK5Zq6MGlmpGIr5efvKBt7iltfbzzOodNDDf5qnRPXunonU3LY40svJM+gqBBhiWJkP5A6fHMPGo4z2y6xX2yNahexJxP+d6HynuttKOEtEbuDWIFZfnUac+7/aELS00s2Ll/HwFdfKpGvipuoV6o25AQnUo9V6e0zTwa4we0YciYHwJRYm26X/8g+OI5xheWweR5pmB2j0xanUemqqWl7lWncwH60rrvVj8j99w0y7rbgILm7yg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bU7RazjyR97v3ifMDTufx3HvEJlDje9voojgAdxZdav/BHJrZKYIt5vmduyXTRBk4aN3r29lvXKiMuHTDQpFFgQYQNhwwG+jTgrDsQnup8DVin250yec9utq3w4y9PvjEafvBMWKURLoCy12/r1aq/V65bNRkNEXEgheP+1ne5mnsLqMyUNgyHEcN3mHGWBtVq0Czj9Zc7Arad0xJVdNwTSC2GJrMneiX3wTjleOsVfI79xqq2GGMjsSLmZeOs/PJHik9CdCuKFHP931Gs8zKqyXAGB/oM9uYfV87VBO7AOzFFt98SrayXI0oA98WzpW6MACytgq3+J4VUH11xyphA==
- Authentication-results: lists.geant.org; dkim=none (message not signed) header.d=none;lists.geant.org; dmarc=none action=none header.from=surf.nl;
- Organization: SURF
Hi Alan,
Op 15-04-2021 om 12:39 schreef Alan Lewis:
Within the WP T&I Incubator activity we are looking at the requirements for developing a Test IdP service that will be closely aligned to the needs of R&E and the federations that support it.
One aim would be to assist SPs in ensuring their SAML SP is correctly setup to be trustworthy and requesting the ‘right’ data in the right way.
To make any service as useful as possible it would be very helpful to understand as many situations as possible where the SAML flow with an SP fails. This could be due to metadata semantics,
configuration issues at the SP, or even more basic errors.
I’d be grateful to hear about the most common problems that you have with SAML integration of your SPs which will help us in building up some test case error scenarios.
Looking forward to sharing your problems.
Sounds interesting! One thing we'd love to test whether assertions that are not correctly signed/signed with a different certificate are indeed not accepted. SP's tweak until logging in "works", but we want to ensure that it does _not_ work when it shouldn't.
Kind regards,
Thijs
- [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Alan Lewis, 15-Apr-2021
- Re: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Thijs Kinkhorst, 04/15/2021
- RE: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Alan Lewis, 15-Apr-2021
- Re: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Peter Schober, 15-Apr-2021
- RE: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Alan Lewis, 15-Apr-2021
- Re: [eduGAIN-discuss] Problems and issues with SAML SPs in federations and eduGAIN, Thijs Kinkhorst, 04/15/2021
Archive powered by MHonArc 2.6.19.