  1. OpenAM
  2. OPENAM-17393

Allow ID to be added to the EntityDescriptor for a SAML request


    Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 6.0.0, 7.0.0, 6.5.3
    • None
    • SAML

      Description

      Customer is using AM as their IdP, replacing a legacy identity provider. Their legacy provider has the ID attribute defined in the EntityDescriptor field when exchanging metadata files with the SP, as below:

       

      <ns2:EntityDescriptor xmlns:ns2="urn:oasis:names:tc:SAML:2.0:metadata" xmlns="http://www.w3.org/2000/09/xmldsig#" entityID="xxxxx" ID="_39636130-3063-3739-6235-363237353732">

      When the metadata file is signed, the SP is expecting the ID attribute to be present, although the SAML specification states the field is optional:

      ID [*Optional*] - a document-unique identifier for the element, typically used as a reference point when signing.

      The customer wishes to have this added, and they're unable to use the entityID attribute.

      Please also refer to OPENAM-14309
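
      Added example, not part of the original issue and not OpenAM code: a Python check of how an enveloped signature in SAML metadata refers to the EntityDescriptor, which is where the ID attribute matters (Reference URI="#<ID>" versus URI="" for the whole document). The sample documents, entityID and ID values are constructed, and the check inspects structure only; it does not verify the signature.

```python
import xml.etree.ElementTree as ET  # for untrusted metadata, prefer a hardened parser such as defusedxml

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"


def classify_reference(metadata_xml):
    """Report how the signature's Reference points at the EntityDescriptor."""
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        return "not-entity-descriptor"
    sig = root.find(f"{{{DS}}}Signature")
    if sig is None:
        return "unsigned"
    ref = sig.find(f"{{{DS}}}SignedInfo/{{{DS}}}Reference")
    if ref is None:
        return "no-reference"
    uri = ref.get("URI")
    doc_id = root.get("ID")
    if uri == "":
        # Same-document reference to the whole document; no ID needed.
        return "whole-document"
    if uri is not None and doc_id is not None and uri == "#" + doc_id:
        # Reference resolves to the element carrying the matching ID.
        return "by-id"
    # URI is absent, or names an ID the root element does not carry.
    return "dangling"


def sample(id_attr, uri):
    """Constructed metadata skeleton; digest and signature values omitted."""
    id_part = f' ID="{id_attr}"' if id_attr else ""
    return (
        f'<md:EntityDescriptor xmlns:md="{MD}" xmlns:ds="{DS}" '
        f'entityID="https://idp.example.com"{id_part}>'
        f'<ds:Signature><ds:SignedInfo><ds:Reference URI="{uri}"/>'
        f"</ds:SignedInfo></ds:Signature></md:EntityDescriptor>"
    )


if __name__ == "__main__":
    for id_attr, uri in [("_constructed-id-1", "#_constructed-id-1"),
                         (None, ""),
                         (None, "#_constructed-id-1")]:
        print(repr(id_attr), repr(uri), "->", classify_reference(sample(id_attr, uri)))
```

      An SP that only accepts the "by-id" form will reject metadata signed with URI="" or published without an ID, which matches the behaviour described in this issue.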


            People

            jonthomas Jonathan Thomas
            gyan.baines Gyan Baines