On Wed, Jun 3, 2015 at 11:52 AM, Erik Weber <terbol...@gmail.com> wrote:
>
> On Wed, Jun 3, 2015 at 11:10 AM, Rohit Yadav <rohit.ya...@shapeblue.com>
> wrote:
>
>> Hi Erik,
>>
>> > On 02-Jun-2015, at 11:04 pm, Erik Weber <terbol...@gmail.com> wrote:
>> >
>> > Possible improvement:
>> >
>> > If saml2.idp.id is blank, try getting it from the metadata. I don't know
>> > about all other IdPs, but at least with Microsoft ADFS the IdP id is part of
>> > the <EntityDescriptor> tag.
>> >
>> > Example:
>> > <EntityDescriptor ID="_66183bea-76b8-4838-9579-6d17a2357d3d"
>> > entityID="http://ppfs.infostorm.no/adfs/services/trust"
>> > xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
>> >
>> > saml2.idp.id in this case is: http://ppfs.infostorm.no/adfs/services/trust
>>
>> Thanks, for suggesting will fix this and for all your help in testing
>> ADFS with the auth plugin.
>>
>> In future, you’ll only need to give it the metadata URL.
>>
>> I’m working on something to support multiple IdP servers, say in case of
>> federated login systems where the metadata may have multiple IdP servers.
>> In that case this setting will be useful to identify default IdP server
>> (will change the config name)
>
> Sounds reasonable :-)

By the way, let me know if you want assistance in troubleshooting the metadata download failing on https.

--
Erik
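
The fallback discussed in this thread, as an added example that is not part of the original messages or the auth plugin's code: derive the IdP id from the metadata's entityID when saml2.idp.id is blank, and require the setting when the metadata lists several IdPs. The function names, the example.org entities and the rule that a configured id must appear in the metadata are assumptions.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
ROLE = 'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"'

# Constructed sample: the <EntityDescriptor> quoted in the thread (with the
# whitespace that mail wrapping left inside entityID), closed with an IdP role.
ADFS_METADATA = f"""<EntityDescriptor ID="_66183bea-76b8-4838-9579-6d17a2357d3d"
 entityID="
 http://ppfs.infostorm.no/adfs/services/trust" xmlns="{MD}">
 <IDPSSODescriptor {ROLE}/></EntityDescriptor>"""

# Constructed federation aggregate: two IdPs and one SP (names are made up).
FEDERATION_METADATA = f"""<EntitiesDescriptor xmlns="{MD}">
 <EntityDescriptor entityID="https://idp-a.example.org/idp"><IDPSSODescriptor {ROLE}/></EntityDescriptor>
 <EntityDescriptor entityID="https://sp.example.org/sp"><SPSSODescriptor {ROLE}/></EntityDescriptor>
 <EntityDescriptor entityID="https://idp-b.example.org/idp"><IDPSSODescriptor {ROLE}/></EntityDescriptor>
</EntitiesDescriptor>"""


def idp_entity_ids(metadata_xml):
    """Return the entityID of every EntityDescriptor that carries an IdP role."""
    # Metadata comes from a remote URL: refuse DTDs instead of expanding entities.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("DTD/entity declarations are not accepted in SAML metadata")
    root = ET.fromstring(metadata_xml)
    ids = []
    for desc in root.iter(f"{{{MD}}}EntityDescriptor"):  # iter() includes the root
        if desc.find(f"{{{MD}}}IDPSSODescriptor") is None:
            continue  # SP-only entity, not a login target
        entity_id = (desc.get("entityID") or "").strip()
        if entity_id:
            ids.append(entity_id)
    return ids


def resolve_idp_id(configured, metadata_xml):
    """Pick the IdP id: the configured value if set, else the metadata's only IdP."""
    candidates = idp_entity_ids(metadata_xml)
    configured = (configured or "").strip()
    if configured:
        if configured not in candidates:
            raise ValueError(f"saml2.idp.id {configured!r} is not an IdP in the metadata")
        return configured
    if len(candidates) != 1:
        raise ValueError(f"saml2.idp.id is blank and metadata lists {len(candidates)} IdPs")
    return candidates[0]
```

Failing closed when the setting is blank and several IdPs are present avoids silently trusting whichever entity happens to come first in a federation aggregate.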