-
Type:
Improvement
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 6.5.2.2
-
Component/s: SAML
-
Labels:
In a Signed SSO request with HTTP POST binding eg
http://sp.internal.example.com:38080/openam/saml2/jsp/spSSOInit.jsp?idpEntityID=http%3A%2F%2Fidp.internal.example.net%3A28080%2Fopenam&metaAlias=/sp&reqBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
http://sp.internal.example.com:38080/openam/saml2/jsp/spSSOInit.jsp?idpEntityID=http%3A%2F%2Fidp.internal.example.net%3A28080%2Fopenam&metaAlias=/sp&reqBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POSTa <ds:X509Certificate> tag is found in the SP initiated SSO request
But in a signed SLO request, there is no such option and the <X509Certificate> tag is missing.